{ "metadata": { "generated_at": "2026-04-19T03:09:17.580873Z", "total_modules": 1083, "total_historical_modules": 4150, "total_modules_in_process": 331, "total_certificates_with_algorithms": 1610, "total_certificate_details": 5233, "source": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search", "modules_in_process_source": "https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list", "algorithm_source": "firecrawl", "algorithm_cache_version": "2026-04-15-legacy-v1", "version": "3.0" }, "modules": [ { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/5059", "Certificate Number": "5059", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Cryptographic Module", "Module Type": "Software", "Validation Date": "09/16/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp5059.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/5059", "detail_available": true, "module_name": "Proofpoint Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security-relevant modification to Cert. #2038", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides a variety of cryptographic services including SSH, HTTPS, etc.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4958", "Certificate Number": "4958", "Vendor Name": "Tellabs Enterprise, Inc.", "Module Name": "Tellabs Panorama PON Manager Cryptographic Module", "Module Type": "Software", "Validation Date": "02/06/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4958.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4958", "detail_available": true, "module_name": "Tellabs Panorama PON Manager Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Tellabs Panorama PON Manager Cryptographic Module is a standards-based cryptographic engine for the PanoramaPON management application. The module delivers core cryptographic functions for securing communication to Tellabs Optical LAN networking equipment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4932", "Certificate Number": "4932", "Vendor Name": "DIGISTOR", "Module Name": "DIGISTOR® C SERIES ADVANCED SSD", "Module Type": "Hardware", "Validation Date": "12/23/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4932.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4932", "detail_available": true, "module_name": "DIGISTOR® C SERIES ADVANCED SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "DIGISTOR® C Series Advanced SSDs provide endpoint security for Data at Rest. These are FIPS 140-2 L2-certified with AES 256-bit encryption. Firmware renders secured portions of the drive unreadable at the sector level. Authentication keys from user-supplied credentials use the maximum length allowed; keys are not stored in their final form. Zero-trust access prevents data breaches and ransomware attacks. Keep Alive heartbeat automatically hides secured data. Unerasable data access logs provide audit trails. Data destruction verification ensures that data was erased." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4803", "Certificate Number": "4803", "Vendor Name": "Intelligent Memory EMEA GmbH", "Module Name": "IM TCG Opal SSC SSD Series", "Module Type": "Hardware", "Validation Date": "09/18/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4803.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4803", "detail_available": true, "module_name": "IM TCG Opal SSC SSD Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "IM TCG Opal SSC SSD Series are high-performance, self-encrypting solid state (Flash) drives that support either the SATA or NVMe interface. User data is protected by an AES-256XTS on-the-fly hardware encryption algorithm that does not compromise data transfer rates. This SS series implements several FIPS approved cryptographic algorithms. The FIPS approved services are provided via the TCG Opal protocol.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4781", "Certificate Number": "4781", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply 140-3 FIPS Provider", "Module Type": "Software", "Validation Date": "08/27/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4781.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4781", "detail_available": true, "module_name": "CryptoComply 140-3 FIPS Provider", "standard": "FIPS 140-3", "status": "Historical", "overall_level": 1, "caveat": "Interim validation. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No assurance of the minimum strength of generated SSPs (e.g., keys) and random strings. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CryptoComply 140-3 FIPS Provider is a standards-based “Drop-in Compliance™” cryptographic engine. The module delivers core cryptographic functions to applications such as servers, personal computers, mobile devices, and appliances. The module features robust algorithm support, including CNSA algorithms. The module delivers cryptographic services to host applications through a C language Application Programming Interface (API)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4769", "Certificate Number": "4769", "Vendor Name": "Gigamon Inc.", "Module Name": "Gigamon's SL-FJA (SafeLogic FIPS Java API)", "Module Type": "Software", "Validation Date": "08/20/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4769.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4769", "detail_available": true, "module_name": "Gigamon's SL-FJA (SafeLogic FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Gigamon's SL-FJA (SafeLogic FIPS Java API) is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4767", "Certificate Number": "4767", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra 8887 Cryptographic Module", "Module Type": "Firmware-hybrid", "Validation Date": "08/19/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4767.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4767", "module_name": "Zebra 8887 Cryptographic Module", "standard": "FIPS 140-3", "status": "Historical", "overall_level": 1, "caveat": "Interim Validation", "module_type": "Firmware-hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Zebra 8887 Cryptographic Module implements cryptographic support for Zebra wireless devices.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4714", "Certificate Number": "4714", "Vendor Name": "Informatica", "Module Name": "Informatica Crypto Platform (ICP) Library", "Module Type": "Software", "Validation Date": "06/28/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4714.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4714", "detail_available": true, "module_name": "Informatica Crypto Platform (ICP) Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Informatica Crypto Platform (ICP) Library is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4697", "Certificate Number": "4697", "Vendor Name": "Dell Australia Pty Limited, BSAFE Product Team", "Module Name": "BSAFE™ Java Crypto Module 6.3", "Module Type": "Software", "Validation Date": "04/30/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4697.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4697", "detail_available": true, "module_name": "BSAFE™ Java Crypto Module 6.3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Crypto-J software library is designed for developers to incorporate FIPS 140-2 approved cryptography into Java-based products. Crypto-J security software helps protect sensitive data as it is stored, using strong encryption techniques that ease integration with existing data models. Using the capabilities of Crypto-J software in applications helps provide a persistent level of protection for data, lessening the risk of internal, as well as external, compromise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4696", "Certificate Number": "4696", "Vendor Name": "Dell Australia Pty Limited, BSAFE Product Team", "Module Name": "BSAFE™ Java Crypto Module 6.3", "Module Type": "Software", "Validation Date": "04/30/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4696.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4696", "detail_available": true, "module_name": "BSAFE™ Java Crypto Module 6.3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Crypto-J software library is designed for developers to incorporate FIPS 140-2 approved cryptography into Java-based products. Crypto-J security software helps protect sensitive data as it is stored, using strong encryption techniques that ease integration with existing data models. Using the capabilities of Crypto-J software in applications helps provide a persistent level of protection for data, lessening the risk of internal, as well as external, compromise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4693", "Certificate Number": "4693", "Vendor Name": "CyberArk Software Ltd", "Module Name": "CyberArk Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "04/16/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4693.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4693", "detail_available": true, "module_name": "CyberArk Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CyberArk Cryptographic Module for Java is a comprehensive cryptographic library designed to provide robust security solutions for Java and Android applications. It offers a wide range of cryptographic functions and features, including encryption, decryption, hashing, digital signatures, and key management. With CyberArk Cryptographic Module for Java, developers can easily integrate strong cryptographic capabilities into their Java applications to ensure data confidentiality, integrity, and authenticity.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4692", "Certificate Number": "4692", "Vendor Name": "BlueCat Networks", "Module Name": "BlueCat Catcrypt for Java", "Module Type": "Software", "Validation Date": "04/15/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4692.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4692", "detail_available": true, "module_name": "BlueCat Catcrypt for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Java cryptographic library for BlueCat appliances", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4682", "Certificate Number": "4682", "Vendor Name": "NOKIA SOLUTIONS AND NETWORKS OY", "Module Name": "Nokia BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "03/27/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4682.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4682", "detail_available": true, "module_name": "Nokia BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nokia BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various Nokia applications via a well-defined Java-language application programming interface (API).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4664", "Certificate Number": "4664", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways", "Module Type": "Hardware", "Validation Date": "11/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4664.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4664", "detail_available": true, "module_name": "Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SRX1500, SRX4100, SRX4200 and SRX4600 Service Gateways offer outstanding protection, performance, scalability, availability, and integrated security services. Designed for high-performance security services architecture, and seamless integration of networking and security in a single platform, the SRX1500, SRX4100, SRX4200 and SRX 4600 are best suited for campuses, regional headquarters and enterprise data centers with a focus on application visibility and control, intrusion prevention, advanced threat protection, authentication, confidentiality of information, and integrated cloud-based security.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4663", "Certificate Number": "4663", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways", "Module Type": "Hardware", "Validation Date": "11/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4663.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4663", "detail_available": true, "module_name": "Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4662", "Certificate Number": "4662", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "11/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4662.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4662", "detail_available": true, "module_name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks QFX series switches are high performance, high density data center switches. The QFX switches provide high performance, wire speed switching with low latency and jitter. The QFX series switches provide the universal building blocks for multiple data center fabric architectures.", "algorithms": [ "KDF", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4660", "Certificate Number": "4660", "Vendor Name": "SafeLogic, Inc.", "Module Name": "CryptoComply for Java", "Module Type": "Software", "Validation Date": "11/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4660.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4660", "detail_available": true, "module_name": "CryptoComply for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Java is designed to provide FIPS 140 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4658", "Certificate Number": "4658", "Vendor Name": "Fujitsu Limited", "Module Name": "Fujitsu Enterprise Postgres Cryptographic Module", "Module Type": "Software", "Validation Date": "11/27/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4658.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4658", "detail_available": true, "module_name": "Fujitsu Enterprise Postgres Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Fujitsu Enterprise Postgres Cryptographic Module is the FIPS validated cryptographic library for Fujitsu Enterprise Postgres. This cryptographic library is used for communication data encryption, Transparent Data Encryption (TDE), etc. to provide data protection through robust cryptographic algorithms. Fujitsu Enterprise Postgres is based on the world-renowned open-source system - PostgreSQL, with additional enterprisegrade features for enhanced security and better performance.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4655", "Certificate Number": "4655", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "11/22/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4655.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4655", "detail_available": true, "module_name": "Qualcomm® Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4651", "Certificate Number": "4651", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ISR 4000 Series Routers with MACSEC", "Module Type": "Hardware", "Validation Date": "11/02/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4651.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4651", "detail_available": true, "module_name": "Cisco ISR 4000 Series Routers with MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Integrated Services Router (ISR) 4000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4646", "Certificate Number": "4646", "Vendor Name": "Dell Australia Pty Limited, BSAFE Product Team", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "Module Type": "Software", "Validation Date": "10/25/202312/21/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4646.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4646", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4645", "Certificate Number": "4645", "Vendor Name": "Dell Australia Pty Limited, BSAFE Product Team", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "Module Type": "Software", "Validation Date": "10/25/202312/21/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4645.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4645", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4644", "Certificate Number": "4644", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1000 Series Routers with MACSEC", "Module Type": "Hardware", "Validation Date": "10/25/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4644.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4644", "detail_available": true, "module_name": "Cisco ASR 1000 Series Routers with MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4639", "Certificate Number": "4639", "Vendor Name": "Progress Software Corporation", "Module Name": "Kemp LoadMaster FIPS Object Module", "Module Type": "Software", "Validation Date": "10/23/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4639.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4639", "detail_available": true, "module_name": "Kemp LoadMaster FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LoadMaster is a family of load balancing appliances running a custom operating system developed by Kemp Technologies Inc.", "algorithms": [ "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4637", "Certificate Number": "4637", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba Virtual and Hardware Mobility Master Appliances with ArubaOS FIPS Firmware", "Module Type": "Firmware", "Validation Date": "10/12/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4637.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4637", "detail_available": true, "module_name": "Aruba Virtual and Hardware Mobility Master Appliances with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Masters simplify the management of multiple Aruba controllers running ArubaOS. Key features include a centralized dashboard to easily see and manage controllers, configuration hierarchy to customize deployments for various sites, and live firmware and feature upgrades to improve network reliability during active user sessions. The addition of licensing pools simplifies the transfer of licenses between different controllers to quickly address expanded deployment needs.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4634", "Certificate Number": "4634", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "10/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4634.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4634", "detail_available": true, "module_name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4633", "Certificate Number": "4633", "Vendor Name": "KRYPTUS S.A.", "Module Name": "ASI-HSM AHX5 KNET Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4633.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4633", "detail_available": true, "module_name": "ASI-HSM AHX5 KNET Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The module exists to provide cryptographic services to applications running on behalf of its users which communicate with it via a standard Ethernet interface using IP protocols. In order to provide these services, the module also requires a power supply. The module is usually sold embedded within a stand-alone network appliance. That appliance is typically used in large-scale cloud infrastructures, where ease of remote configuration and operation is required." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4632", "Certificate Number": "4632", "Vendor Name": "DataStax, Inc.", "Module Name": "Datastax BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "10/09/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4632.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4632", "detail_available": true, "module_name": "Datastax BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Datastax BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various Datastax applications via a Java-language API", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4630", "Certificate Number": "4630", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba Mobility Controller Virtual Appliances with ArubaOS FIPS Firmware", "Module Type": "Firmware", "Validation Date": "10/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4630.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4630", "detail_available": true, "module_name": "Aruba Mobility Controller Virtual Appliances with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 8 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4629", "Certificate Number": "4629", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "10/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4629.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4629", "detail_available": true, "module_name": "Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4628", "Certificate Number": "4628", "Vendor Name": "Citrix Systems, Inc.", "Module Name": "Citrix FIPS Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "10/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4628.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4628", "detail_available": true, "module_name": "Citrix FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Citrix FIPS Cryptographic Module is a software toolkit which provides various cryptographic functions to support the Citrix product portfolio.", "algorithms": [ "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4627", "Certificate Number": "4627", "Vendor Name": "Allegro Software Development Corporation", "Module Name": "Allegro Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/04/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4627.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4627", "detail_available": true, "module_name": "Allegro Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Allegro’s suite of Embedded Device Security toolkits makes embedding standards-based security protocols into resource sensitive embedded systems and consumer electronics fast, easy and reliable. The Allegro Cryptographic Engine (ACE) is a cryptographic library module specifically engineered for embedded devices. The module provides embedded systems developers with an easily understood software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation and key generation and exchange. For full details see www.allegrosoft.com/ace.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4624", "Certificate Number": "4624", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-304, AP-305, AP-314, AP-315, AP-334, AP-335, AP-365, and AP-367 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "10/03/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4624.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4624", "detail_available": true, "module_name": "Aruba AP-304, AP-305, AP-314, AP-315, AP-334, AP-335, AP-365, and AP-367 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4623", "Certificate Number": "4623", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points", "Module Type": "Hardware", "Validation Date": "10/03/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4623.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4623", "detail_available": true, "module_name": "Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4616", "Certificate Number": "4616", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "09/27/202310/10/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4616.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4616", "detail_available": true, "module_name": "BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4615", "Certificate Number": "4615", "Vendor Name": "Acronis SCS", "Module Name": "Acronis SCS Cryptographic Module", "Module Type": "Software", "Validation Date": "09/27/202304/05/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4615.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4615", "detail_available": true, "module_name": "Acronis SCS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Acronis SCS Cryptographic Module is a component of the Acronis Backup software solution (version 12.5 and later). It provides the underlying cryptographic functionality necessary to support the use of secure communications protocols, encrypted backups, and secure file sharing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4614", "Certificate Number": "4614", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 6.2", "Module Type": "Firmware", "Validation Date": "09/27/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4614.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4614", "detail_available": true, "module_name": "FortiOS 6.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4606", "Certificate Number": "4606", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12", "Module Type": "Hardware", "Validation Date": "09/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4606.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4606", "detail_available": true, "module_name": "Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4604", "Certificate Number": "4604", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 16.04 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/25/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4604.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4604", "detail_available": true, "module_name": "Ubuntu 16.04 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 16.04 Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4601", "Certificate Number": "4601", "Vendor Name": "L3Harris Technologies, Inc.", "Module Name": "RF-7800W Broadband Ethernet Radio", "Module Type": "Hardware", "Validation Date": "09/18/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4601.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4601", "detail_available": true, "module_name": "RF-7800W Broadband Ethernet Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RF-7800W (-OUxxx and -RPxxx) Broadband Ethernet Radio (BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system and is designed for long haul backbone systems. The BER operates in the 4.4-5.8 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training and simulation networks and long haul / short haul battlefield communications. The RF-7800W operates in Point-to-Point and Point-to-Multipoint in the same platform.", "algorithms": [ "AES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4600", "Certificate Number": "4600", "Vendor Name": "HYCU, Inc.", "Module Name": "HYCU Cryptographic Library Module", "Module Type": "Software", "Validation Date": "09/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4600.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4600", "detail_available": true, "module_name": "HYCU Cryptographic Library Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3514", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The HYCU Cryptographic Library Module is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4599", "Certificate Number": "4599", "Vendor Name": "Intel Corporation", "Module Name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "Module Type": "Firmware-Hybrid", "Validation Date": "09/13/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4599.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4599", "detail_available": true, "module_name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2.3 and 9.1 of the Security Policy. When entropy is externally loaded, no assurance of the minimum strength of generated keys.", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Module for Intel® CSME is a hardware-firmware hybrid module present on Intel® PCH platforms. The module performs crypto functions for CSME applications, including but are not limited to: PTT (Platform Trust Technology), AMT (Active Management Technology), and DAL (Dynamic Application Loader)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4598", "Certificate Number": "4598", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Google Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/13/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4598.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4598", "detail_available": true, "module_name": "Ubuntu 18.04 Google Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Google Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4597", "Certificate Number": "4597", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 AWS Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/13/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4597.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4597", "detail_available": true, "module_name": "Ubuntu 18.04 AWS Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 AWS Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4596", "Certificate Number": "4596", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/13/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4596.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4596", "detail_available": true, "module_name": "Ubuntu 18.04 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4595", "Certificate Number": "4595", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's IKE Crypto Module", "Module Type": "Software", "Validation Date": "09/12/202305/03/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4595.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4595", "detail_available": true, "module_name": "VMware's IKE Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware's IKE Crypto Module v1.1.0 is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.", "algorithms": [ "AES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4594", "Certificate Number": "4594", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 IBM-GT Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/12/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4594.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4594", "detail_available": true, "module_name": "Ubuntu 18.04 IBM-GT Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 IBM-GT Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4593", "Certificate Number": "4593", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/12/202311/13/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4593.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4593", "detail_available": true, "module_name": "Amazon Linux 2 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Amazon Linux 2 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #4565 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in the Amazon Linux 2 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4590", "Certificate Number": "4590", "Vendor Name": "Trend Micro Inc.", "Module Name": "TippingPoint Crypto Core OpenSSL", "Module Type": "Software", "Validation Date": "09/08/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4590.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4590", "detail_available": true, "module_name": "TippingPoint Crypto Core OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro, TippingPoint Crypto Core OpenSSL is a software library which provides FIPS 140-2 approved cryptographic algorithms and services for Trend Micro TippingPoint security products.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4589", "Certificate Number": "4589", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 16.04 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "09/08/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4589.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4589", "detail_available": true, "module_name": "Ubuntu 16.04 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4588", "Certificate Number": "4588", "Vendor Name": "Rambus Inc.", "Module Name": "SafeZone FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "09/07/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4588.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4588", "detail_available": true, "module_name": "SafeZone FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from Rambus. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4586", "Certificate Number": "4586", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "09/06/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4586.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4586", "detail_available": true, "module_name": "Oracle Linux 7 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux is a set of cryptographic libraries, services, and user level cryptographic applications that are validated at FIPS 140-2 level 1, providing a secure foundation for vendor use in developing dependent services, applications, and even purpose built appliances that may be FIPS 140-2 validated." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4585", "Certificate Number": "4585", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "Hewlett Packard Enterprise BouncyCastle Module", "Module Type": "Software", "Validation Date": "09/06/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4585.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4585", "detail_available": true, "module_name": "Hewlett Packard Enterprise BouncyCastle Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hewlett Packard Enterprise BouncyCastle module is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4584", "Certificate Number": "4584", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for BoringSSL", "Module Type": "Software", "Validation Date": "09/06/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4584.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4584", "detail_available": true, "module_name": "Nutanix Cryptographic Module for BoringSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4583", "Certificate Number": "4583", "Vendor Name": "Securosys SA", "Module Name": "Primus HSM", "Module Type": "Hardware", "Validation Date": "09/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4583.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4583", "detail_available": true, "module_name": "Primus HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode as specified in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Securosys' Primus series of hardware security modules (HSM) provide high performance cryptographic operations, creation, storage, and controlled access to encryption keys and certificates in an always active tamper protected appliance. Applications include digital signatures for financial transactions, secure messaging and email, blockchain, crypto currency and crypto asset storage, PKI, elDAS, database and cloud encryption, GDPR, SSL / TLS, and e-government.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4582", "Certificate Number": "4582", "Vendor Name": "PacketLight Networks Ltd.", "Module Name": "PL-2000M, PL-2000AD and PL-2000ADS", "Module Type": "Hardware", "Validation Date": "09/04/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4582.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4582", "detail_available": true, "module_name": "PL-2000M, PL-2000AD and PL-2000ADS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 10 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "PacketLight's PL-2000M, PL-2000AD and PL-2000ADS Layer-1 encryption solutions ensure the confidentiality and integrity of data, based on GCM-AES-256 encryption standards, supporting Diffie-Hellman (DH) key exchange up to every 1-minute. In addition, the solutions support multiple protocols including 10G/40G/100G Ethernet, 8G/16G/32G Fibre Channel, OTU2/OTU2e/OTU3/OTU4 and STM-64/OC-192" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4579", "Certificate Number": "4579", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1562e/i/d/ps, 2802e/i, 3802e/i/p, 4800 Wireless LAN Access points, Version 8.10, 16.12", "Module Type": "Hardware", "Validation Date": "09/01/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4579.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4579", "detail_available": true, "module_name": "Cisco Aironet 1562e/i/d/ps, 2802e/i, 3802e/i/p, 4800 Wireless LAN Access points, Version 8.10, 16.12", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #2125 operating in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4578", "Certificate Number": "4578", "Vendor Name": "SUSE LLC", "Module Name": "SUSE Rancher Kubernetes Cryptographic Library", "Module Type": "Software", "Validation Date": "09/01/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4578.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4578", "detail_available": true, "module_name": "SUSE Rancher Kubernetes Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 9.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptography to serve SUSE’s Rancher Kubernetes Engine and its ecosystem of supported cloud-native tools written in the Go programming language.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4577", "Certificate Number": "4577", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4577.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4577", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4576", "Certificate Number": "4576", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4576.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4576", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4575", "Certificate Number": "4575", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4575.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4575", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4574", "Certificate Number": "4574", "Vendor Name": "Google, LLC.", "Module Name": "Titan Security Key, Chip Boundary", "Module Type": "Hardware", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4574.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4574", "detail_available": true, "module_name": "Titan Security Key, Chip Boundary", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Implemented with Google's \"Titan\" secure microcontroller and custom firmware, the Titan Security Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4573", "Certificate Number": "4573", "Vendor Name": "ICU Medical, Inc.", "Module Name": "LifeCare PCA™ Infusion Pump", "Module Type": "Hardware", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4573.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4573", "detail_available": true, "module_name": "LifeCare PCA™ Infusion Pump", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "LifeCare PCA™ is a Patient-Controlled Analgesia Infusion System with Full IV-EHR Interoperability.With the ICU Medical LifeCare PCA patient-controlled analgesia infusion system, you can be confident you are safely delivering the right drug at the right dose to the right patient in the right concentration. As the first and only PCA system with an integrated barcode reader and full IV-EHR interoperability, LifeCare PCA offers streamlined programming." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4572", "Certificate Number": "4572", "Vendor Name": "Aruba, a Hewlett Packard Enterprise Company", "Module Name": "Aruba 2930F, 2930M, 3810M and 5400R zl2 Switch Series", "Module Type": "Hardware", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4572.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4572", "detail_available": true, "module_name": "Aruba 2930F, 2930M, 3810M and 5400R zl2 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba 2930F, 2930M and 3810M Switch Series are designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. The 2930F is basic Layer 3 switch that supports 10GbE uplinks, PoE+, robust QoS, RIP Routing, Access OSPF, and IPV6, ACLs. The module delivers consistent wired/wireless user experience with unified management tools such as Aruba ClearPass Policy Manager and Aruba Airwave. The 2930M and 3810M are Layer 3 access switches that support 10GbE and 40GbE uplinks, Dual Modular Power Supplies, full PoE+, HPE Smart Rat" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4571", "Certificate Number": "4571", "Vendor Name": "Aruba, a Hewlett Packard Enterprise Company", "Module Name": "Aruba 2930M, 3810M and 5400R zl2 Switch Series", "Module Type": "Hardware", "Validation Date": "08/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4571.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4571", "detail_available": true, "module_name": "Aruba 2930M, 3810M and 5400R zl2 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba 2930M and 3810M Switch Series are designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. These Layer 3 access switches support 10GbE and 40GbE uplinks, Dual Modular Power Supplies, full PoE+, HPE Smart Rate, ACLs, robust QoS, RIP, OSPF routing, Tunnel Node, PIM, VRRP and IPv6. The Aruba 5400R zl2 Switch Series is an industry-leading mobile campus access chassis solution with HPE Smart Rate multi-gigabit ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4570", "Certificate Number": "4570", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto User Space Module for ARM (ccv10)", "Module Type": "Software", "Validation Date": "08/30/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4570.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4570", "detail_available": true, "module_name": "Apple corecrypto User Space Module for ARM (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto User Space Module for ARM (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4566", "Certificate Number": "4566", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper CryptoCore Cryptographic Module", "Module Type": "Software", "Validation Date": "08/30/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4566.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4566", "detail_available": true, "module_name": "Juniper CryptoCore Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The cryptographic module provides FIPS 140-2 compliant cryptographic functionality for Juniper Networks security products such as JATP.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4565", "Certificate Number": "4565", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "08/30/202303/25/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4565.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4565", "detail_available": true, "module_name": "Amazon Linux 2 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.2 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon Linux 2 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications. These applications may support the TLS protocol, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards supporting FIPS 140-2 validated cryptographic algorithms.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4564", "Certificate Number": "4564", "Vendor Name": "HID Global and Giesecke+Devrient Mobile Security America Inc.", "Module Name": "HID Global ActivID Applet Suite v2.7.5 and v2.7.6 on Giesecke & Devrient Sm@rtCafé Expert 7.0", "Module Type": "Hardware", "Validation Date": "08/30/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4564.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4564", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.7.5 and v2.7.6 on Giesecke & Devrient Sm@rtCafé Expert 7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with module Sm@rtCafé Expert 7.0 validated to FIPS 140-2 under Cert. #2327 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "HID Global ActivID Applet v2.7.5 and v2.7.6 are Java Card applet suites that use the Sm@rtCafé Expert 7.0 operating system. The products can be used over contact and contactless interfaces and can be configured for support of GSC-IS v2.1 and PIV standards (NIST SP 800-73-4 and SP 800-78-4).", "algorithms": [ "CVL", "DRBG", "KAS", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4563", "Certificate Number": "4563", "Vendor Name": "Gemalto", "Module Name": "IDPrime PIV v3.0 Applet on IDCore 3130 Platform", "Module Type": "Hardware", "Validation Date": "08/29/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4563.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4563", "detail_available": true, "module_name": "IDPrime PIV v3.0 Applet on IDCore 3130 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the IDCore 3130 Platform and when initialized and configured as specified in Section 13 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "« IDPrime PIV v3.0 » is the next generation of FIPS201-2 smart card running on latest IDCore 3130 platform, which complies with the latest version of NIST SP800-73-4, SP800-85A-4 and all algorithms of SP800-78-4. The product can be used over Contact and Contactless interfaces (ISO 7816 & 14443) to provide physical and logical accesss control. It embeds latest optimized FIPS POST feature, OPACITY secure messaging with Pairing code, and Biometric Match on card.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4562", "Certificate Number": "4562", "Vendor Name": "HID Global and Gemalto", "Module Name": "HID Global ActivID Applet Suite v2.7.4 on Gemalto TOPDLv2.1", "Module Type": "Hardware", "Validation Date": "08/29/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4562.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4562", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.7.4 on Gemalto TOPDLv2.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the TOPDLv2.1 Platform and when initialized and configured as specified in Section 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "HID Global ActivID Applet v2.7.4 is a Java Card applet suite that uses the Gemalto TOPDLv2.1 operating system. The product can be used over contact and contactless interfaces and can be configured for support of GSC-IS v2.1 and PIV standards (NIST SP 800-73-4 and SP 800-78-4).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4559", "Certificate Number": "4559", "Vendor Name": "Aruba, a Hewlett Packard Enterprise Company", "Module Name": "Aruba 2930F Switch Series", "Module Type": "Hardware", "Validation Date": "08/21/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4559.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4559", "detail_available": true, "module_name": "Aruba 2930F Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The 2930F is designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. The Basic Layer 3 switch supports 10GbE uplinks, PoE+, robust QoS, RIP Routing, Access OSPF, and IPV6, ACLs. The module delivers consistent wired/wireless user experience with unified management tools such as Aruba ClearPass Policy Manager and Aruba Airwave." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4556", "Certificate Number": "4556", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9200 Series Switches", "Module Type": "Hardware", "Validation Date": "08/02/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4556.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4556", "detail_available": true, "module_name": "Cisco Catalyst 9200 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200 Series switches are the industry's unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4550", "Certificate Number": "4550", "Vendor Name": "Broadcom", "Module Name": "Symantec Messaging Gateway Cryptographic Module", "Module Type": "Software", "Validation Date": "07/12/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4550.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4550", "detail_available": true, "module_name": "Symantec Messaging Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Symantec Messaging Gateway Cryptographic Module provides standards compliant cryptographic functionality for the Symantec Messaging Gateway product.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4548", "Certificate Number": "4548", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "07/10/202310/30/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4548.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4548", "detail_available": true, "module_name": "Amazon Linux 2 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Amazon Linux 2 OpenSSL Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4544", "Certificate Number": "4544", "Vendor Name": "Thales", "Module Name": "eToken 5300 Mini and Micro MD 4.3.5", "Module Type": "Hardware", "Validation Date": "06/29/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4544.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4544", "detail_available": true, "module_name": "eToken 5300 Mini and Micro MD 4.3.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with IDPrime MD 830-revB", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "eToken 5300 is an ideal solution for enterprises looking to deploy the military-grade security of PKI, while maintaining a convenient solution for employees. The eToken 5300 is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication. Something you have (physical token), something you know (PIN), something you do (touching the token). The eToken 5300 is a state-of-the-art new design, which offers multi-application dynamic smart card functionality.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4542", "Certificate Number": "4542", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4542.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4542", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4540", "Certificate Number": "4540", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "06/22/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4540.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4540", "detail_available": true, "module_name": "Ubuntu 18.04 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4539", "Certificate Number": "4539", "Vendor Name": "Commscope Technologies LLC", "Module Name": "FastIron ICX™ 7850 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "06/22/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4539.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4539", "detail_available": true, "module_name": "FastIron ICX™ 7850 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Superior Scalability: Up to 76.8 Tbps of combined switching capacity and 384x 100 GbE or 576x 1025 GbE ports per 12 units' stack supports the most demanding enterprise environments. Maximum Flexibility: Network Core connectivity and switching capacity can be distributed wherever it is needed. Does not need to be co-located in a single wiring closet like a traditional chassis.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4533", "Certificate Number": "4533", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1101E/2000E/2201E/2500E/3301E", "Module Type": "Hardware", "Validation Date": "06/12/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4533.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4533", "detail_available": true, "module_name": "FortiGate-1101E/2000E/2201E/2500E/3301E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-1101E, 2000E, 2201E, 2500E and 3301E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4527", "Certificate Number": "4527", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Embedded Module and Embedded Module Lite", "Module Type": "Hardware", "Validation Date": "05/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4527.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4527", "detail_available": true, "module_name": "Embedded Module and Embedded Module Lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to overall level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Embedded Module, Embedded Module Lite, and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infrastructure. The Embedded Module and Embedded Module Lite are designed to be integrated into many types of systems, including UGVs, UAVs, and sensors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4526", "Certificate Number": "4526", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Embedded Module and Embedded Module Lite", "Module Type": "Hardware", "Validation Date": "05/31/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4526.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4526", "detail_available": true, "module_name": "Embedded Module and Embedded Module Lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Embedded Module, Embedded Module Lite, and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to­peer topology without requiring additional infrastructure. The Embedded Module and Embedded Module Lite are designed to be integrated into many types of systems, including UGVs, UAVs, and sensors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4525", "Certificate Number": "4525", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9500 Series Switches", "Module Type": "Hardware", "Validation Date": "05/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4525.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4525", "detail_available": true, "module_name": "Cisco Catalyst 9500 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9500 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4520", "Certificate Number": "4520", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9600 Series Switches", "Module Type": "Hardware", "Validation Date": "05/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4520.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4520", "detail_available": true, "module_name": "Cisco Catalyst 9600 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module ' ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9600 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4519", "Certificate Number": "4519", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9400 Series Switches", "Module Type": "Hardware", "Validation Date": "05/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4519.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4519", "detail_available": true, "module_name": "Cisco Catalyst 9400 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9400 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4514", "Certificate Number": "4514", "Vendor Name": "Persistent Systems, LLC", "Module Name": "MPU5", "Module Type": "Hardware", "Validation Date": "05/08/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4514.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4514", "detail_available": true, "module_name": "MPU5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When initialized and configured to overall level 2 per the Security Policy. The tamper evident material installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MPU5 and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infrastructure. The MPU5 is designed to be carried by dismount users or mounted on towers, vehicles and aircraft." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4510", "Certificate Number": "4510", "Vendor Name": "Giesecke+Devrient Mobile Security GmbH", "Module Name": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0", "Module Type": "Hardware", "Validation Date": "05/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4510.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4510", "detail_available": true, "module_name": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with module Sm@rtCafé Expert 7.0 validated to FIPS 140-2 under Cert. #2327 operating in FIPS mode.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0 provides authentication, encryption, and digital signature cryptographic services and is intended for general use. Sm@rtCafé Expert 7.0 is a Smart Card based on Java Card and GlobalPlatform Technology. Sm@rtCafé Expert 7.0 conforms to Java Card Classic Platform Specification 3.0.4 and GlobalPlatform Card Specification Version 2.2.1 supporting Secure Channel Protocol 03, Card Specification V2.2 Amendment D. The product is suitable for government and corporate identification, payment and banking, health care and authentication.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4508", "Certificate Number": "4508", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "05/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4508.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4508", "detail_available": true, "module_name": "SUSE Linux Enterprise Server Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in section 10.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Linux Enterprise Server Kernel Crypto API Module provides cryptographic services to the Linux operating system kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4505", "Certificate Number": "4505", "Vendor Name": "F5, Inc.", "Module Name": "Cryptographic Module for BIG-IP ®", "Module Type": "Software", "Validation Date": "05/03/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4505.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4505", "detail_available": true, "module_name": "Cryptographic Module for BIG-IP ®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic library offering various cryptographic mechanisms to BIG-IP Virtual Edition." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4501", "Certificate Number": "4501", "Vendor Name": "Maximus Federal", "Module Name": "Maximus Federal Cryptographic Module", "Module Type": "Software", "Validation Date": "05/02/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4501.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4501", "detail_available": true, "module_name": "Maximus Federal Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Maximus Federal Cryptographic Module is a standards-based cryptographic engine used for the Maximus Intelligent Virtual Assistant and Maximus Cloud. The module delivers core cryptographic functions to Maximus platforms and features robust algorithm support.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4498", "Certificate Number": "4498", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "05/02/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4498.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4498", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4494", "Certificate Number": "4494", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9300 Series Switches", "Module Type": "Hardware", "Validation Date": "04/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4494.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4494", "detail_available": true, "module_name": "Cisco Catalyst 9300 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9300 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4491", "Certificate Number": "4491", "Vendor Name": "Commscope Technologies LLC", "Module Name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "04/27/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4491.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4491", "detail_available": true, "module_name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When the ICX7750 is assembled as per Security Policy Table 7, and configured in FIPS Approved Mode as per Security Policy Section 10", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ICX 7750 provides the capabilities of a chassis with the flexibility and cost-effectiveness of a stackable switch. The switch delivers faster network response time via wire-speed, non-blocking performance across all ports to support latency-sensitive applications such as real-time voice or video streaming and Virtual Destop infrastructure. Up to 12 ICX 7750 switches can be stacked together to provide terabytes of aggregated stacking bandwidth with full redundancy, eliminating inter-switch bottlenecks. Industry-leading 10/40 Gbps Ethernet port density and flexibility. Up to 32x40 GbE", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4487", "Certificate Number": "4487", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9200L Series Switches", "Module Type": "Hardware", "Validation Date": "04/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4487.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4487", "detail_available": true, "module_name": "Cisco Catalyst 9200L Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200L Series switches are the industry’s unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4486", "Certificate Number": "4486", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9300 Series Switches", "Module Type": "Hardware", "Validation Date": "04/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4486.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4486", "detail_available": true, "module_name": "Cisco Catalyst 9300 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9300 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4485", "Certificate Number": "4485", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/25/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4485.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4485", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4482", "Certificate Number": "4482", "Vendor Name": "Quantum Knight, INC.", "Module Name": "CLEAR Cryptosystem", "Module Type": "Software", "Validation Date": "04/17/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4482.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4482", "detail_available": true, "module_name": "CLEAR Cryptosystem", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CLEAR Cryptosystem is a standards-based cryptographic engine that enables the protection of data requiring absolute compliance with federal standards. The module delivers core cryptographic functions for boosting the strength and speed of cryptographic protection while guaranteeing data integrity, data at rest encryption, and streaming data transmissions. CLEAR Cryptosystem provides flexible modes of operation that include multi-factor authentication (MFA) and embedded access control lists (ACL) for controlled access to data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4481", "Certificate Number": "4481", "Vendor Name": "Worldline SA/NV", "Module Name": "ADYTON Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/17/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4481.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4481", "detail_available": true, "module_name": "ADYTON Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Worldline SA/NV ADYTON is an innovative high-performance Hardware Security Module (HSM) platform. The design of the ADYTON is based on high security, reliability and robustness, user friendliness, and conformance to international security standards. ADYTON has an integrated color display, full HEX capacitive keyboard, chip card reader, fingerprint reader, and a USB Host connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4478", "Certificate Number": "4478", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "04/17/202308/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4478.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4478", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4477", "Certificate Number": "4477", "Vendor Name": "F5, Inc.", "Module Name": "F5® vCMP Cryptographic Module", "Module Type": "Firmware", "Validation Date": "04/17/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4477.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4477", "detail_available": true, "module_name": "F5® vCMP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and affixed as indicated in the Security Policy section 4.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® vCMP Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardwares." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4476", "Certificate Number": "4476", "Vendor Name": "Commscope Technologies LLC", "Module Name": "FastIron ICX™ 7650 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "04/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4476.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4476", "detail_available": true, "module_name": "FastIron ICX™ 7650 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When assembled as per Security Policy Table 2, and configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7650 Switch is designed to meet the new challenges of the multi-gigabit wireless era. It delivers non-blocking performance, high availability, and scalability with multi-gigabit Ethernet access (2.5/5/10GbE), high PoE output with 802.3bt** support as well as 10 Gigabit Ethernet Aggregation and 40/100GbE uplink options.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4474", "Certificate Number": "4474", "Vendor Name": "Commscope Technologies LLC", "Module Name": "FastIron ICX™ 7450 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "04/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4474.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4474", "detail_available": true, "module_name": "FastIron ICX™ 7450 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When assembled as per Security Policy Table 3, and configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ICX 7450 is an ideal network solution for campus networks requiring 1 GbE access or small aggregation deployments with upgradeable 1GbE, 10 GbE or 40 GbE uplink modules. The switch also makes a suitable data center Top-of-Rack (ToR) solution, providing a ToR access-layer that can be upgraded to run on 10GbE/40GbE in the future with minimum costs and changes to cabling.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4472", "Certificate Number": "4472", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/14/202303/25/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4472.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4472", "detail_available": true, "module_name": "Amazon Linux 2 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.1 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon Linux 2 GnuTLS Cryptographic Module implements general purpose cryptographic algorithms and network protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4471", "Certificate Number": "4471", "Vendor Name": "F5, Inc.", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4471.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4471", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4470", "Certificate Number": "4470", "Vendor Name": "Dell Inc., BSAFE Product Team", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "04/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4470.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4470", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Crypto-C Micro Edition (ME) Module is RSA's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4465", "Certificate Number": "4465", "Vendor Name": "F5, Inc", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/06/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4465.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4465", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4464", "Certificate Number": "4464", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Azure Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "04/05/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4464.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4464", "detail_available": true, "module_name": "Ubuntu 18.04 Azure Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Azure Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4460", "Certificate Number": "4460", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto User Space Module for Intel (ccv10)", "Module Type": "Software", "Validation Date": "03/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4460.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4460", "detail_available": true, "module_name": "Apple corecrypto User Space Module for Intel (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto User Space Module for Intel (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4450", "Certificate Number": "4450", "Vendor Name": "Persistent Systems, LLC", "Module Name": "MPU5", "Module Type": "Hardware", "Validation Date": "03/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4450.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4450", "detail_available": true, "module_name": "MPU5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The tamper evident material installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MPU5 and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infrastructure. The MPU5 is designed to be carried by dismount users or mounted on towers, vehicles and aircraft." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4399", "Certificate Number": "4399", "Vendor Name": "Marvell", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "12/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4399.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4399", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4377", "Certificate Number": "4377", "Vendor Name": "CyberArk Software Ltd.", "Module Name": "CyberArk Cryptographic Module", "Module Type": "Software", "Validation Date": "11/21/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4377.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4377", "detail_available": true, "module_name": "CyberArk Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CyberArk Cryptographic Module is a standards-based cryptographic engine for servers and appliances. The module delivers core cryptographic functions to server platforms and features robust algorithm support, including Suite B algorithms. CyberArk Cryptographic Module offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4376", "Certificate Number": "4376", "Vendor Name": "REDCOM Laboratories, Inc.", "Module Name": "REDCOM Crypto Module", "Module Type": "Software", "Validation Date": "11/21/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4376.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4376", "detail_available": true, "module_name": "REDCOM Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The REDCOM Crypto Module is a standards-based cryptographic engine for unified communications devices and infrastructure. REDCOM Crypto Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4375", "Certificate Number": "4375", "Vendor Name": "Radiant Logic Inc.", "Module Name": "Radiant Logic Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4375.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4375", "detail_available": true, "module_name": "Radiant Logic Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Radiant Logic Cryptographic Module for Java is a standards-based cryptographic engine for native Java environments. The module delivers core cryptographic functions to server platforms and features robust algorithm support, including Suite B algorithms. Radiant Logic Cryptographic Module for Java offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4374", "Certificate Number": "4374", "Vendor Name": "HID Global Corporation", "Module Name": "HID Global Cryptographic Module", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4374.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4374", "detail_available": true, "module_name": "HID Global Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "HID Global Cryptographic Module is a cryptographic engine for mobile devices. The module delivers core cryptographic functions to some of HID Global’s mobile app solutions for multifactor authentication - such as the HID Approve mobile app and HID Approve mobile SDK.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4373", "Certificate Number": "4373", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "OneView Java Crypto Module", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4373.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4373", "detail_available": true, "module_name": "OneView Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OneView Java Cryptographic Module provides FIPS Approved cryptographic algorithms for HPE OneView.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4372", "Certificate Number": "4372", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint Java Crypto Module", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4372.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4372", "detail_available": true, "module_name": "Forcepoint Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Forcepoint Java Crypto Module is a standards-based cryptographic engine for native Java environments. The module delivers core cryptographic functions to mobile and server platforms and features robust algorithm support, including Suite B algorithms. The Forcepoint Java Crypto Module offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4371", "Certificate Number": "4371", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4371.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4371", "detail_available": true, "module_name": "Proofpoint Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Proofpoint Cryptographic Module for Java is a cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides a variety of cryptographic services including SSH, HTTPS, etc.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4370", "Certificate Number": "4370", "Vendor Name": "Okta, Inc.", "Module Name": "Okta Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4370.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4370", "detail_available": true, "module_name": "Okta Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Okta Cryptographic Module for Java manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4369", "Certificate Number": "4369", "Vendor Name": "Zscaler Inc.", "Module Name": "Zscaler Java Crypto Module", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4369.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4369", "detail_available": true, "module_name": "Zscaler Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Zscaler Java Crypto Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4368", "Certificate Number": "4368", "Vendor Name": "Trend Micro Inc.", "Module Name": "Trend Micro Java Crypto Module", "Module Type": "Software", "Validation Date": "11/16/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4368.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4368", "detail_available": true, "module_name": "Trend Micro Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro Java Crypto Module provides FIPS Approved cryptographic algorithms for Trend Micro products including Trend Micro Deep Security.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4359", "Certificate Number": "4359", "Vendor Name": "Rubrik Inc.", "Module Name": "Rubrik Cryptographic Library for Java", "Module Type": "Software", "Validation Date": "11/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4359.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4359", "detail_available": true, "module_name": "Rubrik Cryptographic Library for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode, the module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Rubrik Cryptographic Library for Java is a standards-based, cryptographic engine for Rubrik products. The module delivers core cryptographic functions to applications and platforms and features robust algorithm support. The Rubrik Cryptographic Library for Java offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4358", "Certificate Number": "4358", "Vendor Name": "A10 Networks, Inc.", "Module Name": "Thunder Series TH3040S, TH5440S, TH5840S and TH7440S-11", "Module Type": "Hardware", "Validation Date": "11/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4358.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4358", "detail_available": true, "module_name": "Thunder Series TH3040S, TH5440S, TH5840S and TH7440S-11", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When operated as per the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Thunder Series is designed to meet the growing demands of Web sites, carriers and enterprises. The Thunder offers intelligent Layer 4-7 application processing capabilities with performance and scalability to meet critical business requirements.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4355", "Certificate Number": "4355", "Vendor Name": "Intel Corporation", "Module Name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "Module Type": "Firmware-Hybrid", "Validation Date": "11/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4355.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4355", "detail_available": true, "module_name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2.3 and 9.1 for of the Security Policy. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Module for Intel® CSE is a hardware-firmware hybrid module present on Intel® PCH platforms. The module performs crypto functions for CSE applications, including but are not limited to: PTT (Platform Trust Technology), AMT (Active Management Technology), and DAL (Dynamic Application Loader)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4353", "Certificate Number": "4353", "Vendor Name": "Kasten, Inc.", "Module Name": "Kasten BoringCrypto", "Module Type": "Software", "Validation Date": "11/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4353.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4353", "detail_available": true, "module_name": "Kasten BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4349", "Certificate Number": "4349", "Vendor Name": "Spectro Cloud, Inc.", "Module Name": "Spectro Cloud Cryptographic Module", "Module Type": "Software", "Validation Date": "10/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4349.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4349", "detail_available": true, "module_name": "Spectro Cloud Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Spectro Cloud Cryptographic Module is a general-purpose cryptographic library incorporated into the Kubernetes Management Platform and Kubernetes distributions for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4320", "Certificate Number": "4320", "Vendor Name": "Nokia Corporation", "Module Name": "SR-OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "10/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4320.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4320", "detail_available": true, "module_name": "SR-OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The SR-OS Cryptographic Module (SRCM) provides the cryptographic algorithm functions needed to allow SR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4319", "Certificate Number": "4319", "Vendor Name": "Raytheon Technologies", "Module Name": "Raytheon Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4319.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4319", "detail_available": true, "module_name": "Raytheon Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Raytheon Cryptographic Module for Java is a standards-based cryptographic engine for native Java environments. The module delivers core cryptographic functions to mobile and server platforms and features robust algorithm support, including Suite B algorithms. Raytheon Cryptographic Module for Java offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4318", "Certificate Number": "4318", "Vendor Name": "CTERA Networks Ltd.", "Module Name": "CTERA Crypto Module™ (Java)", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4318.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4318", "detail_available": true, "module_name": "CTERA Crypto Module™ (Java)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CTERA Crypto Module™ (Java) is a secure cryptographic engine used by CTERA Enterprise File Services Platform. The platform enables organizations to securely sync, serve and protect data on any private or public cloud infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4317", "Certificate Number": "4317", "Vendor Name": "Saviynt", "Module Name": "Saviynt Cryptographic Module", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4317.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4317", "detail_available": true, "module_name": "Saviynt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Saviynt Cryptographic Module provides core cryptographic functions to the Saviynt Security Manager platform.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4316", "Certificate Number": "4316", "Vendor Name": "Singlewire Software", "Module Name": "InformaCast Java Crypto Library", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4316.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4316", "detail_available": true, "module_name": "InformaCast Java Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "InformaCast transforms devices on your network into a powerful system for IP paging and emergency alerting. InformaCast contains Java libraries that feature robust FIPS 140-2 validated algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4315", "Certificate Number": "4315", "Vendor Name": "Veritas Technologies LLC", "Module Name": "Veritas Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4315.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4315", "detail_available": true, "module_name": "Veritas Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Veritas Cryptographic Module for Java delivers core cryptographic functions for use in various Veritas products. It provides secure key management for Information Studio users and services, secure communications for clients making API calls to Information Studio, secure internal communication between the Information Studio components, secure at-rest encryption for confidential user data, and secure communications for Information Studio services transmitting data to and from external services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4314", "Certificate Number": "4314", "Vendor Name": "Plantronics, Inc.", "Module Name": "Poly Crypto Module for Java", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4314.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4314", "detail_available": true, "module_name": "Poly Crypto Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Poly Crypto Module for Java is a standards-based \"Drop-in Compliance\" cryptographic engine for servers and appliances. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. Poly Crypto Module for Java offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4313", "Certificate Number": "4313", "Vendor Name": "Cloudera, Inc.", "Module Name": "Cloudera Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "10/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4313.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4313", "detail_available": true, "module_name": "Cloudera Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cloudera Cryptographic Module for Java is a FIPS 140-2 Validated Cryptographic provider for use with Cloudera Data Platform (CDP) products. The module delivers core cryptographic functions to the Cloudera Data Platform (CDP) products and features robust algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4311", "Certificate Number": "4311", "Vendor Name": "CGI Federal Inc.", "Module Name": "CGI Momentum™ Java Cryptographic Module", "Module Type": "Software", "Validation Date": "09/26/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4311.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4311", "detail_available": true, "module_name": "CGI Momentum™ Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CGI Momentum™ Java Cryptographic Module implements a wide array of cryptographic algorithms including Suite B algorithms. CGI Momentum™ product suite uses this module as Java JCA/JCE provider thus providing data at rest encryption, transport level encryption, PKI key management, digital signature generation and other crypto operations through a trusted and verified implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4308", "Certificate Number": "4308", "Vendor Name": "Accellion USA, LLC", "Module Name": "Kiteworks Cryptographic Module", "Module Type": "Software", "Validation Date": "09/20/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4308.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4308", "detail_available": true, "module_name": "Kiteworks Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Kiteworks Secure File Sharing and Governance Platform offers a secure data transfer channel that protects customers’ sensitive information in transit and at rest. It provides granular policy controls and a full audit trail to comply with regulations such as HIPAA, SOC 2, NIST 800-53 and -171, ITAR and EAR. Users share files in folders, SFTP and secure email, via plugins, web, and mobile interfaces. The Kiteworks Cryptographic Module is a component of the Kiteworks Secure File Sharing and Governance Platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4307", "Certificate Number": "4307", "Vendor Name": "Cocoon Data", "Module Name": "Cocoon Data Content Crypto Service", "Module Type": "Software", "Validation Date": "09/20/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4307.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4307", "detail_available": true, "module_name": "Cocoon Data Content Crypto Service", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cocoon Data Platform implements the FIPS-197 standard Advanced Encryption Standard (AES) with 256-bit key sizes (AES-256) for encryption and decryption. These keys are used with a cryptographic algorithm to encrypt and decrypt content. The cryptographic keys are generated by the secure pseudo random number generator algorithm.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4295", "Certificate Number": "4295", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender SED300", "Module Type": "Hardware", "Validation Date": "09/10/202212/22/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4295.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4295", "detail_available": true, "module_name": "Kanguru Defender SED300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Kanguru Defender SED300 is a 256-bit AES hardware encrypted, self-encrypting solid state drive, fully compliant with industry standard TCG Opal SSC protocol, and used primarily to secure data at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4294", "Certificate Number": "4294", "Vendor Name": "DIGISTOR", "Module Name": "DIGISTOR® C Series Advanced SSD and Seagate® BarraCuda™ 515 SSD", "Module Type": "Hardware", "Validation Date": "09/10/202209/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4294.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4294", "detail_available": true, "module_name": "DIGISTOR® C Series Advanced SSD and Seagate® BarraCuda™ 515 SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "DIGISTOR® C Series Advanced and Seagate® BarraCuda™ 515 SSDs provide endpoint security for Data at Rest. These are FIPS 140-2 L2-certified with AES 256-bit encryption. Firmware renders secured portions of the drive unreadable at the sector level. Authentication keys from user-supplied credentials use the maximum length allowed; keys are not stored in their final form. Zero-trust access prevents data breaches and ransomware attacks. Keep Alive heartbeat automatically hides secured data. Unerasable data access logs provide audit trails. Data destruction verification ensures that data was erased." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4285", "Certificate Number": "4285", "Vendor Name": "Glyph Production Technologies", "Module Name": "Secure Drive + BT", "Module Type": "Hardware", "Validation Date": "08/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4285.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4285", "detail_available": true, "module_name": "Secure Drive + BT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware encrypted USB 3.0 SATA drive with Bluetooth interface for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4283", "Certificate Number": "4283", "Vendor Name": "Ezurio", "Module Name": "Summit Linux FIPS Core Crypto Module", "Module Type": "Software-Hybrid", "Validation Date": "08/24/202204/17/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4283.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4283", "detail_available": true, "module_name": "Summit Linux FIPS Core Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.1 of the Security Policy.", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Ezurio's 60 Series SOM and WB50NBT bring all of Ezurio's industry competence and capabilities into one solution. The SOM provides superior enterprise-class Wi-Fi and Bluetooth connectivity. This solution is equipped with a Cortex A5 applications processor, wireless and wired connectivity, enterprise-grade security, LCD support for the 60 Series SOM, and comprehensive Linux board support package (BSP). The 60 SOM is the ideal system-on-module, and the WB50NBT, the ideal wireless bridge for devices that require superior connectivity.", "algorithms": [ "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4281", "Certificate Number": "4281", "Vendor Name": "Glyph Production Technologies", "Module Name": "Secure Drive + KP", "Module Type": "Hardware", "Validation Date": "08/23/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4281.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4281", "detail_available": true, "module_name": "Secure Drive + KP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware encrypted USB 3.0 SATA drive with integrated keypad for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4276", "Certificate Number": "4276", "Vendor Name": "Ascom Sweden AB", "Module Name": "Ascom Smartphone BoringCrypto", "Module Type": "Software", "Validation Date": "08/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4276.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4276", "detail_available": true, "module_name": "Ascom Smartphone BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ascom Smartphone BoringCrypto is a general-purpose cryptographic library incorporated into the Ascom Myco smartphones for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4274", "Certificate Number": "4274", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "Instant-On Networks (ION) devices ION 1000, ION 2000, ION 3000, ION 7000, and ION 9000", "Module Type": "Hardware", "Validation Date": "07/26/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4274.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4274", "detail_available": true, "module_name": "Instant-On Networks (ION) devices ION 1000, ION 2000, ION 3000, ION 7000, and ION 9000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CloudGenix Instant-On Network (ION) family of hardware and software devices enable integration of heterogeneous WAN links, confident integration of the cloud, improved application performance and visibility, and reduce overall cost and complexity of customers' WAN.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4257", "Certificate Number": "4257", "Vendor Name": "Solo.io", "Module Name": "Gloo BoringCrypto", "Module Type": "Software", "Validation Date": "06/24/202209/12/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4257.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4257", "detail_available": true, "module_name": "Gloo BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BoringCrypto", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4256", "Certificate Number": "4256", "Vendor Name": "Panasonic Corporation of North America", "Module Name": "Panasonic BoringCrypto Module", "Module Type": "Software", "Validation Date": "06/24/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4256.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4256", "detail_available": true, "module_name": "Panasonic BoringCrypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Software library for the Panasonic TOUGHBOOK N1 that contains cryptographic functionality to serve BoringSSL and other user-space applications", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4255", "Certificate Number": "4255", "Vendor Name": "Zettaset, Inc", "Module Name": "Zettaset XCrypt FIPS Cryptographic Library", "Module Type": "Software", "Validation Date": "06/23/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4255.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4255", "detail_available": true, "module_name": "Zettaset XCrypt FIPS Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Zettaset FIPS Java cryptographic library for XCrypt Product Suite.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4253", "Certificate Number": "4253", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft BoringCrypto Module", "Module Type": "Software", "Validation Date": "06/23/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4253.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4253", "detail_available": true, "module_name": "Microsoft BoringCrypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Software library for the Microsoft Surface 2 Duo that contains cryptographic functionality to serve BoringSSL and other user-space applications", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4248", "Certificate Number": "4248", "Vendor Name": "Qube Cinema Technologies Pvt. Ltd.", "Module Name": "Qube Xi Integrated Media Block", "Module Type": "Hardware", "Validation Date": "06/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4248.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4248", "detail_available": true, "module_name": "Qube Xi Integrated Media Block", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Qube Xi Integrated Media Block is a secure media processor used primarily in Digital Cinema applications. The Qube Xi provides secure playback of Digital Cinema Packages, including media decryption and decoding, while tightly integrated with a Digital Cinema Projector or Direct View Display. Media professionals, content owners and other stakeholders, rely on the security features provided by the Qube Xi Integrated Media Block to protect their valuable content, and to perform the secure logging of operations within a theatre auditorium or post production environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4245", "Certificate Number": "4245", "Vendor Name": "Keysight Technologies", "Module Name": "Keysight Technologies Cryptographic Module for Network Visibility", "Module Type": "Software", "Validation Date": "06/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4245.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4245", "detail_available": true, "module_name": "Keysight Technologies Cryptographic Module for Network Visibility", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Keysight Technologies Cryptographic Module for Network Visibility is integrated into Keysight’s network visibility platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4244", "Certificate Number": "4244", "Vendor Name": "Nexthink, Inc.", "Module Name": "Nexthink Cryptographic library", "Module Type": "Software", "Validation Date": "06/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4244.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4244", "detail_available": true, "module_name": "Nexthink Cryptographic library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nexthink Cryptographic library is a general purpose cryptographic module incorporated into Nexthink applications to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4240", "Certificate Number": "4240", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Java", "Module Type": "Software", "Validation Date": "06/01/202208/04/202212/14/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4240.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4240", "detail_available": true, "module_name": "CryptoComply for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Java is designed to provide FIPS 140 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4239", "Certificate Number": "4239", "Vendor Name": "Hitachi Vantara, LLC", "Module Name": "Hitachi Vantara Cryptographic Library", "Module Type": "Software", "Validation Date": "05/31/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4239.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4239", "detail_available": true, "module_name": "Hitachi Vantara Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hitachi Vantara Cryptographic Library is a general purpose cryptographic library incorporated into Hitachi Content Platform and other Hitachi products for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4237", "Certificate Number": "4237", "Vendor Name": "Panzura", "Module Name": "Panzura CloudFS ™ FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "05/25/202209/22/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4237.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4237", "detail_available": true, "module_name": "Panzura CloudFS ™ FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic module for use with Panzura products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4231", "Certificate Number": "4231", "Vendor Name": "Nokia Corporation", "Module Name": "7705 SAR-OS SAR-A/M Cryptographic Module (SARCM)", "Module Type": "Software", "Validation Date": "05/23/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4231.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4231", "detail_available": true, "module_name": "7705 SAR-OS SAR-A/M Cryptographic Module (SARCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 7705 SAR-OS SAR-A/M Cryptographic Module (SARCM) provides the cryptographic algorithm functions needed to allow SAR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4230", "Certificate Number": "4230", "Vendor Name": "Tavve Holdings, LLC", "Module Name": "Ranger Cryptographic Module", "Module Type": "Software", "Validation Date": "05/16/202206/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4230.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4230", "detail_available": true, "module_name": "Ranger Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ranger Cryptographic Module provides cryptographic functions for Tavve’s Ranger-based applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4224", "Certificate Number": "4224", "Vendor Name": "Quadient, Inc.", "Module Name": "Virtual PSD Module", "Module Type": "Firmware", "Validation Date": "05/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4224.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4224", "detail_available": true, "module_name": "Virtual PSD Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode with IBM 4767 Cryptographic Coprocessor Security Module validated to FIPS 140-2 under Cert. #3164 operating in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "The Quadient Virtual Postal Security Device provides register management and cryptographic key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4222", "Certificate Number": "4222", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "IOS Common Cryptographic Module (IC2M)", "Module Type": "Firmware", "Validation Date": "05/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4222.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4222", "detail_available": true, "module_name": "IOS Common Cryptographic Module (IC2M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4218", "Certificate Number": "4218", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "05/09/202210/14/202208/15/202302/11/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4218.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4218", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated logical I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4217", "Certificate Number": "4217", "Vendor Name": "NOKIA SOLUTIONS AND NETWORKS OY", "Module Name": "Nokia BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "05/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4217.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4217", "detail_available": true, "module_name": "Nokia BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nokia BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various Nokia applications via a well-defined Java-language application programming interface (API).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4213", "Certificate Number": "4213", "Vendor Name": "Zhejiang Dahua Technology Co., Ltd.", "Module Name": "DHSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "05/06/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4213.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4213", "detail_available": true, "module_name": "DHSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When Operated in FIPS Mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a set of software libraries, whose purpose is to provide cryptographic algorithm services (such as encryption and decryption services), as well as Transport Layer Security protocol (TLS) v1.0, v1.1, v1.2, certificate management, asymmetric key generation, random number generation and so on. The module provides API interface for application calling. The module can act as a TLS server or TLS client, and interacts with other peers via the TLS protocol.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4204", "Certificate Number": "4204", "Vendor Name": "Nokia Corporation", "Module Name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCM)", "Module Type": "Software", "Validation Date": "04/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4204.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4204", "detail_available": true, "module_name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCPCM) provides the cryptographic algorithm functions needed to allow SAR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4200", "Certificate Number": "4200", "Vendor Name": "NCoded Communications, Inc.", "Module Name": "NCoded Ultra Cryptographic Mobile Module", "Module Type": "Software", "Validation Date": "04/21/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4200.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4200", "detail_available": true, "module_name": "NCoded Ultra Cryptographic Mobile Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NCoded Ultra Cryptographic Mobile (NUCM) Module is a standards-based \"Drop-in Compliance\" cryptographic engine for mobile devices. The module delivers core cryptographic functions to the mobile devices and features robust algorithm support, including Suite B algorithms. NUCM offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4186", "Certificate Number": "4186", "Vendor Name": "Cigent Technology Inc.", "Module Name": "Cigent Secure SSD Advanced FIPS M.2 2280", "Module Type": "Hardware", "Validation Date": "03/28/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4186.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4186", "detail_available": true, "module_name": "Cigent Secure SSD Advanced FIPS M.2 2280", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Cigent Secure SSD Advanced FIPS is the most effective endpoint data protection. Firmware renders secured portions of the drive unreadable at the sector level. Keys derived from user supplied credentials use the maximum length allowed and are never stored in their final form. Zero-trust file access requires MFA to access files stopping data breach and ransomware for in-use data. Keep Alive heartbeat detects if Cigent software is disabled and automatically hides data. Secure data access logs are stored in firmware and cannot be wiped. Data destruction verification ensures complete data erasure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4184", "Certificate Number": "4184", "Vendor Name": "Adaptiva", "Module Name": "Adaptiva Edge Platform Cryptographic Module", "Module Type": "Software", "Validation Date": "03/24/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4184.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4184", "detail_available": true, "module_name": "Adaptiva Edge Platform Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Adaptiva Edge Platform Cryptographic Module is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4179", "Certificate Number": "4179", "Vendor Name": "Thales", "Module Name": "ProtectServer Internal Express 2 (PSI-E2)", "Module Type": "Hardware", "Validation Date": "03/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4179.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4179", "detail_available": true, "module_name": "ProtectServer Internal Express 2 (PSI-E2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Thales PSI-E 2 is a high-end intelligent PCI adapter card, used either standalone or in the Thales PSE 2 appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-E 2 also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4178", "Certificate Number": "4178", "Vendor Name": "Cellcrypt", "Module Name": "Cellcrypt Core V4 FIPS 140-2 Module", "Module Type": "Software", "Validation Date": "03/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4178.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4178", "detail_available": true, "module_name": "Cellcrypt Core V4 FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cellcrypt Core V4 FIPS 140-2 Module is a software library with a C language Application Program Interface (API) used by applications requiring cryptographic services. It is primarily used with Cellcrypt Private Stack and other Cellcrypt applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4175", "Certificate Number": "4175", "Vendor Name": "Secret Double Octopus", "Module Name": "Octopus Authentication Server Cryptographic Module", "Module Type": "Software", "Validation Date": "03/13/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4175.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4175", "detail_available": true, "module_name": "Octopus Authentication Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Octopus Authentication Server manages the authentication requests and the connection to the application on the mobile device to get the user approval." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4174", "Certificate Number": "4174", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "03/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4174.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4174", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4166", "Certificate Number": "4166", "Vendor Name": "Keysight Technologies", "Module Name": "Keysight Technologies Cryptographic Module for OpenSSL", "Module Type": "Software", "Validation Date": "03/01/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4166.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4166", "detail_available": true, "module_name": "Keysight Technologies Cryptographic Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Keysight Technologies Cryptographic Module for OpenSSL is integrated into Keysight’s network visibility platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4165", "Certificate Number": "4165", "Vendor Name": "Splunk Inc.", "Module Name": "Splunk Cryptographic Module", "Module Type": "Software", "Validation Date": "02/28/202211/06/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4165.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4165", "detail_available": true, "module_name": "Splunk Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Splunk Cryptographic Module is a general purpose cryptographic module integrated in Splunk's products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4164", "Certificate Number": "4164", "Vendor Name": "Trend Micro Inc.", "Module Name": "Trend Micro NSS Crypto Module", "Module Type": "Software", "Validation Date": "02/24/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4164.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4164", "detail_available": true, "module_name": "Trend Micro NSS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3616", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro NSS Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Trend Micro components.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4163", "Certificate Number": "4163", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for HSM", "Module Type": "Hardware", "Validation Date": "02/22/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4163.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4163", "detail_available": true, "module_name": "CryptoComply for HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "SafeLogic's CryptoComply for HSM is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4160", "Certificate Number": "4160", "Vendor Name": "Emerson Digital Cold Chain", "Module Name": "Emerson TempTrak Crypto Module", "Module Type": "Software", "Validation Date": "02/22/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4160.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4160", "detail_available": true, "module_name": "Emerson TempTrak Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Emerson TempTrak Crypto Module is a general purpose cryptographic module integrated into Emerson’s TempTrak product to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4148", "Certificate Number": "4148", "Vendor Name": "Cloudera, Inc.", "Module Name": "Cloudera Cryptographic Module for Libgcrypt", "Module Type": "Software", "Validation Date": "02/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4148.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4148", "detail_available": true, "module_name": "Cloudera Cryptographic Module for Libgcrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed and configured per Security Policy section 3.1 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3604", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cloudera Cryptographic Module for Libgcrypt is a general purpose FIPS 140-2 Validated Cryptographic library for use with Cloudera Data Platform (CDP) products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4147", "Certificate Number": "4147", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Hewlett Packard Enterprise NSS Crypto Module", "Module Type": "Software", "Validation Date": "02/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4147.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4147", "detail_available": true, "module_name": "Hewlett Packard Enterprise NSS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3616", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hewlett Packard Enterprise NSS Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Hewlett Packard Enterprise components.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4146", "Certificate Number": "4146", "Vendor Name": "Cloudera, Inc.", "Module Name": "Cloudera Cryptographic Module for NSS", "Module Type": "Software", "Validation Date": "02/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4146.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4146", "detail_available": true, "module_name": "Cloudera Cryptographic Module for NSS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3616", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cloudera Cryptographic Module for NSS is a general purpose FIPS 140-2 Validated Cryptographic library for use with Cloudera Data Platform (CDP) products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4145", "Certificate Number": "4145", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Hewlett Packard Enterprise libgcrypt Crypto Module", "Module Type": "Software", "Validation Date": "02/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4145.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4145", "detail_available": true, "module_name": "Hewlett Packard Enterprise libgcrypt Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed and configured per Security Policy section 3.1 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3604", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hewlett Packard Enterprise libgcrypt Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Hewlett Packard Enterprise components.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4141", "Certificate Number": "4141", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate® BarraCuda™ 515 SSD", "Module Type": "Hardware", "Validation Date": "01/31/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4141.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4141", "detail_available": true, "module_name": "Seagate® BarraCuda™ 515 SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Seagate® BarraCudaTM 515 are high-performance self-encrypting solid state drives with the support of NVMe interface. User data is protected by AES256-XTS on-the-fly hardware encryption/decryption without compromising transfer rates. This SSD series implement various FIPS approved cryptographic algorithms and FIPS approved services are provided through compliance with the industry-standard TCG Opal SSC protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4136", "Certificate Number": "4136", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Libgcrypt", "Module Type": "Software", "Validation Date": "01/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4136.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4136", "detail_available": true, "module_name": "CryptoComply for Libgcrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed and configured per Security Policy section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3604", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Libgcrypt is designed to provide FIPS 140 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4135", "Certificate Number": "4135", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for NSS", "Module Type": "Software", "Validation Date": "01/13/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4135.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4135", "detail_available": true, "module_name": "CryptoComply for NSS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3616", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for NSS is designed to provide FIPS 140 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4133", "Certificate Number": "4133", "Vendor Name": "ECI Telecom Ltd (part of the ribbon Communications group of companies)", "Module Name": "ECI TM200EN Encryption Module", "Module Type": "Hardware", "Validation Date": "01/13/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4133.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4133", "detail_available": true, "module_name": "ECI TM200EN Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "TM200EN operates as a line card in ECI’s Apollo product line.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4131", "Certificate Number": "4131", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "01/13/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4131.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4131", "detail_available": true, "module_name": "Juniper OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper OpenSSL Cryptographic Module is a set of software libraries implementing the Transport Layer Security (TLS) protocol v1.0, v1.1 and v1.2 and Datagram Transport Layer Security (DTLS) protocol v1.0 and v1.2, as well as general purpose cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4130", "Certificate Number": "4130", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "01/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4130.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4130", "detail_available": true, "module_name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks QFX series switches are high performance, high density data center switches. The QFX switches provide high performance, wire speed switching with low latency and jitter. The QFX series switches provide the universal building blocks for multiple data center fabric architectures.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4128", "Certificate Number": "4128", "Vendor Name": "Neubus Inc", "Module Name": "OpenSSL_Neubus_FIPS", "Module Type": "Software", "Validation Date": "01/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4128.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4128", "detail_available": true, "module_name": "OpenSSL_Neubus_FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Neubus OpenSSL FIPS Object Module is a software library for use by processes that require cryptographic service. It is implemented in our AV-6000 product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4123", "Certificate Number": "4123", "Vendor Name": "FUJIFILM SONOSITE, Inc.", "Module Name": "FUJIFILM SONOSITE Cryptographic Module", "Module Type": "Software", "Validation Date": "01/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4123.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4123", "detail_available": true, "module_name": "FUJIFILM SONOSITE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "FUJIFILM SONOSITE Cryptographic Module is a software library providing a C language application program interface (API) for use by processes that require cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4122", "Certificate Number": "4122", "Vendor Name": "FilingCloud", "Module Name": "FilingCloud Cryptographic Module", "Module Type": "Software", "Validation Date": "01/03/202201/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4122.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4122", "detail_available": true, "module_name": "FilingCloud Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "FilingCloud Cryptographic Module is a standards-based, drop-in compliant cryptographic engine for servers, PCs, network appliances, mobile devices, and other deployments. The module delivers core cryptographic functions and features robust algorithm support, including Suite B algorithms. FilingCloud Cryptographic Module offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4121", "Certificate Number": "4121", "Vendor Name": "DualAuth", "Module Name": "DualAuth Cryptographic Module", "Module Type": "Software", "Validation Date": "01/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4121.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4121", "detail_available": true, "module_name": "DualAuth Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "DualAuth Cryptographic Module is a standards-based, drop-in compliant cryptographic engine for servers, PCs, network appliances, mobile devices, and other deployments. The module delivers core cryptographic functions and features robust algorithm support, including Suite B algorithms. DualAuth Cryptographic Module offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4120", "Certificate Number": "4120", "Vendor Name": "Saviynt", "Module Name": "Saviynt Cryptographic Module", "Module Type": "Software", "Validation Date": "01/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4120.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4120", "detail_available": true, "module_name": "Saviynt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Saviynt Cryptographic Module provides core cryptographic functions to the Saviynt Security Manager platform.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4118", "Certificate Number": "4118", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for BoringSSL", "Module Type": "Software", "Validation Date": "12/28/202109/22/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4118.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4118", "detail_available": true, "module_name": "Nutanix Cryptographic Module for BoringSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4116", "Certificate Number": "4116", "Vendor Name": "Silver Peak Systems, Inc.", "Module Name": "Silver Peak Unity EdgeConnect EC-XS-FIPS, EC-M-P-FIPS, EC-XL-P-FIPS and EC-XL-P-NM-FIPS", "Module Type": "Hardware", "Validation Date": "12/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4116.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4116", "detail_available": true, "module_name": "Silver Peak Unity EdgeConnect EC-XS-FIPS, EC-M-P-FIPS, EC-XL-P-FIPS and EC-XL-P-NM-FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Unity EdgeConnect appliances deliver predictable application performance over any combination of transport services. Orchestrated application-driven security policies enable direct internet breakout for trusted SaaS and web applications. Fully compatible with existing WAN infrastructure, EdgeConnect provides simplifies and enables the Thin Branch.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4115", "Certificate Number": "4115", "Vendor Name": "CommScope Technologies LLC", "Module Name": "R650-US Access Point, R650-WW Access Point, R750 Access Point, R850 Access Point, T750SE Access Point, T750 Access Point, and T750-WW Access Point", "Module Type": "Hardware", "Validation Date": "12/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4115.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4115", "detail_available": true, "module_name": "R650-US Access Point, R650-WW Access Point, R750 Access Point, R850 Access Point, T750SE Access Point, T750 Access Point, and T750-WW Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 9 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Ruckus WiFi 6 access point portfolio comprises of indoor and outdoor APs that brings higher capacity, efficiency, and performance to enterprises, distributed offices, and small businesses. Ruckus WiFi 6 portfolio offers dual-band, dual-concurrent APs that supports up to eight spatial streams (4x4:4 in 5GHz, 4x4:4 in 2.4GHz). Equipped with OFDMA and MU-MIMO capabilities, the APs efficiently manage up to 1024 client connections with increased capacity, improved coverage and performance in ultra-high dense environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4114", "Certificate Number": "4114", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks SRX345, SRX345-DUAL-AC, SRX380 and SRX1500 Services Gateway", "Module Type": "Hardware", "Validation Date": "12/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4114.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4114", "detail_available": true, "module_name": "Juniper Networks SRX345, SRX345-DUAL-AC, SRX380 and SRX1500 Services Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy. The JNPR-FIPS-TAMPER-LBLS tamper evident seals installed as indicated in Section 5 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4113", "Certificate Number": "4113", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiSandbox-1000F/2000E/3000E", "Module Type": "Hardware", "Validation Date": "12/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4113.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4113", "detail_available": true, "module_name": "FortiSandbox-1000F/2000E/3000E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiSandbox-2000E, 1000F and 3000E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4112", "Certificate Number": "4112", "Vendor Name": "Gallagher Group", "Module Name": "Gallagher OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4112.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4112", "detail_available": true, "module_name": "Gallagher OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Gallagher creates and delivers integrated security solutions to meet varying needs, from basic access control right through to high security alarm systems. The Gallagher OpenSSL Cryptographic Module provides cryptographic services for a range of Gallagher products.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4107", "Certificate Number": "4107", "Vendor Name": "VAST Data", "Module Name": "VAST Data FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "12/14/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4107.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4107", "detail_available": true, "module_name": "VAST Data FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VAST Data FIPS Object Module for OpenSSL is a software library replacement for applications that use OpenSSL 1.0.2 and require FIPS 140-2 validated cryptography.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4105", "Certificate Number": "4105", "Vendor Name": "CTERA Networks Ltd.", "Module Name": "CTERA Crypto Module (Java)", "Module Type": "Software", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4105.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4105", "detail_available": true, "module_name": "CTERA Crypto Module (Java)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CTERA Crypto Module (Java) is a secure cryptographic engine used by CTERA Enterprise File Services Platform. The platform enables organizations to securely sync, serve and protect data on any private or public cloud infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4104", "Certificate Number": "4104", "Vendor Name": "Broadcom", "Module Name": "CAPKI for Server", "Module Type": "Software", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4104.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4104", "detail_available": true, "module_name": "CAPKI for Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CAPKI for Server is a standards-based cryptographic engine for servers. The module delivers core cryptographic functions and robust algorithm support. CAPKI for Server offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4103", "Certificate Number": "4103", "Vendor Name": "Cloudera, Inc.", "Module Name": "Cloudera Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4103.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4103", "detail_available": true, "module_name": "Cloudera Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cloudera Cryptographic Module for Java is a FIPS 140-2 Validated Cryptographic provider for use with Cloudera Data Platform (CDP) products. The module delivers core cryptographic functions to the Cloudera Data Platform (CDP) products and features robust algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4102", "Certificate Number": "4102", "Vendor Name": "Plantronics, Inc.", "Module Name": "Poly Crypto Module for Java", "Module Type": "Software", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4102.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4102", "detail_available": true, "module_name": "Poly Crypto Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Poly Unified Communications Cryptographic Module for Java is a standards-based \"Drop-in Compliance\" cryptographic engine for servers and appliances. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. Poly Unified Communications Cryptographic Module for Java offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4100", "Certificate Number": "4100", "Vendor Name": "Sophos Limited", "Module Name": "Sophos Cryptographic Module", "Module Type": "Software", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4100.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4100", "detail_available": true, "module_name": "Sophos Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Sophos Cryptographic Module is a general-purpose cryptographic library incorporated into the Sophos Firewall systems to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4099", "Certificate Number": "4099", "Vendor Name": "Spectralink Corporation", "Module Name": "Qualcomm® Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "12/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4099.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4099", "detail_available": true, "module_name": "Qualcomm® Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4096", "Certificate Number": "4096", "Vendor Name": "Singlewire Software", "Module Name": "InformaCast Java Crypto Library", "Module Type": "Software", "Validation Date": "12/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4096.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4096", "detail_available": true, "module_name": "InformaCast Java Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "InformaCast transforms devices on your network into a powerful system for IP paging and emergency alerting. InformaCast contains Java libraries that feature robust FIPS 140-2 validated algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4095", "Certificate Number": "4095", "Vendor Name": "Tigera, Inc.", "Module Name": "Tigera Cryptographic Module", "Module Type": "Software", "Validation Date": "12/06/202107/01/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4095.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4095", "detail_available": true, "module_name": "Tigera Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Tigera Cryptographic Module is a general-purpose cryptographic module integrated in Tigera’s products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4094", "Certificate Number": "4094", "Vendor Name": "Riverbed", "Module Name": "Riverbed Cryptographic Module v1.1", "Module Type": "Software", "Validation Date": "12/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4094.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4094", "detail_available": true, "module_name": "Riverbed Cryptographic Module v1.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Riverbed Cryptographic Module is a general purpose cryptographic library incorporated into SteelHead family products for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4091", "Certificate Number": "4091", "Vendor Name": "Bruin Biometrics LLC", "Module Name": "Provizio Crypto Module", "Module Type": "Software", "Validation Date": "12/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4091.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4091", "detail_available": true, "module_name": "Provizio Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized, and configured as specified in Section 3 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification of Cert. #3432.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Provizio Crypto Module (PCM) is a general-purpose, software cryptographic module providing FIPS 140-2 Approved cryptography via a C language Application Programming Interface. PCM meets the overall requirements applicable to a multi-chip stand-alone embodiment at Level 1 security of FIPS 140-2. PCM is a cryptographic library providing symmetric and asymmetric encryption and decryption, message digest, message authentication, random number generation, key generation, digital signature generation and verification, along with other cryptographic functionality.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4088", "Certificate Number": "4088", "Vendor Name": "Plantronics, Inc.", "Module Name": "Poly Crypto Module for MobileOS", "Module Type": "Software", "Validation Date": "12/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4088.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4088", "detail_available": true, "module_name": "Poly Crypto Module for MobileOS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #1938", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Poly Unified Communications Cryptographic Module for MobileOS is a standards-based \"Drop-in Compliance\" cryptographic engine for servers and appliances. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. Poly Unified Communications Cryptographic Module for MobileOS offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4078", "Certificate Number": "4078", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Trusted Execution Environment (TEE) Software Cryptographic Library", "Module Type": "Software-Hybrid", "Validation Date": "11/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4078.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4078", "detail_available": true, "module_name": "Qualcomm® Trusted Execution Environment (TEE) Software Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Qualcomm(R) Pseudo Random Number Generator validated to FIPS 140-2 under Cert. #3114 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Single Chip", "description": "Qualcomm Trusted Execution Environment Software Cryptographic Library provides various software cryptographic functionalities to the 32/64 bit Qualcomm Trusted Execution Environment Trusted Applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4075", "Certificate Number": "4075", "Vendor Name": "Fortanix, Inc.", "Module Name": "Fortanix SDKMS Appliance (FX2200, Version 3.10.16)", "Module Type": "Hardware", "Validation Date": "11/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4075.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4075", "detail_available": true, "module_name": "Fortanix SDKMS Appliance (FX2200, Version 3.10.16)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Fortanix SDKMS appliance is the building block for running Fortanix Self-Defending Key Management Service (SDKMS), a unified HSM and Key Management solution. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4073", "Certificate Number": "4073", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-VM", "Module Type": "Software", "Validation Date": "11/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4073.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4073", "detail_available": true, "module_name": "FortiGate-VM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy and with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-VM is a software module designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor. The module provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering, traffic shaping, and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4072", "Certificate Number": "4072", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-600D/1200D/1500D/3000D/3700D and FortiGate-5001D with FortiGate-5144C Chassis", "Module Type": "Hardware", "Validation Date": "11/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4072.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4072", "detail_available": true, "module_name": "FortiGate-600D/1200D/1500D/3000D/3700D and FortiGate-5001D with FortiGate-5144C Chassis", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-600D/1200D/1500D/3000D/3700D and FortiGate-5001D with FortiGate-5144C Chassis are multiple chip standalone cryptographic modules consisting of production grade components, contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4071", "Certificate Number": "4071", "Vendor Name": "REDCOM Laboratories, Inc.", "Module Name": "REDCOM Crypto Module", "Module Type": "Software", "Validation Date": "11/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4071.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4071", "detail_available": true, "module_name": "REDCOM Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The REDCOM Crypto Module is a standards-based \"Drop-in Compliance\" cryptographic engine for unified communications devices and infrastructure. REDCOM Crypto Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4066", "Certificate Number": "4066", "Vendor Name": "Gigamon Inc.", "Module Name": "Gigamon’s BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "11/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4066.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4066", "detail_available": true, "module_name": "Gigamon’s BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Gigamon’s Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4053", "Certificate Number": "4053", "Vendor Name": "CommScope Technologies LLC", "Module Name": "Ruckus Networks Virtual SmartZone (vSZ)", "Module Type": "Software", "Validation Date": "10/27/202101/30/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4053.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4053", "detail_available": true, "module_name": "Ruckus Networks Virtual SmartZone (vSZ)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 8 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Virtual SmartZone (vSZ) is a Network Function Virtualization (NFV) based and cloud-ready controller for service providers and enterprises ready to elevate their wired and wireless infrastructure deployment to the next level of flexibility, resiliency, and scale." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4052", "Certificate Number": "4052", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4052.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4052", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4051", "Certificate Number": "4051", "Vendor Name": "Attivo Networks Inc.", "Module Name": "ACM 200", "Module Type": "Hardware", "Validation Date": "10/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4051.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4051", "detail_available": true, "module_name": "ACM 200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ACM is designed to manage several BOTsinks in a centralized manner. ACMs cannot be managed by other ACMs, and each BOTsink can be programmed to use one and only one ACM.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4050", "Certificate Number": "4050", "Vendor Name": "Attivo Networks Inc.", "Module Name": "BotSink 3200 and 5100", "Module Type": "Hardware", "Validation Date": "10/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4050.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4050", "detail_available": true, "module_name": "BotSink 3200 and 5100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The BOTsink 3200 and BOTsink 5100 cryptographic modules are central to the Attivo BOTsink solution. These are hardware modules that deploy in configurable networks of interest to construct distributed decoy systems.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4049", "Certificate Number": "4049", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 IBM-GT Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "10/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4049.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4049", "detail_available": true, "module_name": "Ubuntu 18.04 IBM-GT Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 IBM-GT Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4045", "Certificate Number": "4045", "Vendor Name": "eWBM", "Module Name": "MS1201 Security Sub-system", "Module Type": "Hardware", "Validation Date": "10/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4045.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4045", "detail_available": true, "module_name": "MS1201 Security Sub-system", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "MS1201 Security Sub-system is a Silicon IP Security Module with a secure asset store protecting all valuable assets on your device. It is a stand-alone Root of Trust that offers key management and crypto functions needed for platform and application security. MS1201 Security Sub-system offers all security services to manage your device securely through its lifecycle. These include Secure Debug, Secure Provisioning, HUK and Identity protection and secure authentication services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4042", "Certificate Number": "4042", "Vendor Name": "Motorola Mobility LLC", "Module Name": "Motorola BoringCrypto Android", "Module Type": "Software", "Validation Date": "10/06/202101/12/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4042.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4042", "detail_available": true, "module_name": "Motorola BoringCrypto Android", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Motorola BoringCrypto Android Module on Motorola Mobile devices running Android 11.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4040", "Certificate Number": "4040", "Vendor Name": "Avaya, Inc.", "Module Name": "Avaya BoringCrypto Android", "Module Type": "Software", "Validation Date": "10/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4040.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4040", "detail_available": true, "module_name": "Avaya BoringCrypto Android", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Avaya BoringCrypto Android cryptographic module is a library that provides FIPS 140-2 approved cryptographic algorithms for the BoringSSL and other user-space Android applications which require cryptographic functionality.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4039", "Certificate Number": "4039", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "09/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4039.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4039", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4038", "Certificate Number": "4038", "Vendor Name": "XSOC Corp", "Module Name": "XSOC Cryptosystem", "Module Type": "Software", "Validation Date": "09/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4038.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4038", "detail_available": true, "module_name": "XSOC Cryptosystem", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "XSOC Cryptosystem ™ is a standards-based \"Drop-in Compliance\" cryptographic engine that enables the protection of data requiring absolute compliance with federal standards. The module delivers core cryptographic Suite-B functions to the layered architecture of XSOC's own proprietary security workflow and overall cryptosystem. Data that is enciphered or transformed by XSOC passes through XSOC Cryptosystem during every cycle of operation. XSOC Cryptosystem enables flexible modes of operation for encryption.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4037", "Certificate Number": "4037", "Vendor Name": "CommScope Technologies LLC", "Module Name": "Ruckus Networks Virtual SmartZone - Data Plane (vSZ-D)", "Module Type": "Software", "Validation Date": "09/24/202101/30/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4037.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4037", "detail_available": true, "module_name": "Ruckus Networks Virtual SmartZone - Data Plane (vSZ-D)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 8 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Virtual SmartZone-Dataplane (vSZ-D) offers organizations more flexibility in deploying the dataplane as needed in a Network Function Virtualization (NFV) architecture aligned fashion. It offers secure tunneling of user data traffic that encrypts payload traffic, maintains flat network topology, enables mobility across L2 subnets, and offers differentiated per site policy control and QoS amongst others.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4036", "Certificate Number": "4036", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Firmware", "Validation Date": "09/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4036.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4036", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4035", "Certificate Number": "4035", "Vendor Name": "Mobile-ID Technologies And Services Joint Stock Company", "Module Name": "Trusted Key PKI Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4035.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4035", "detail_available": true, "module_name": "Trusted Key PKI Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section 2.12. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Our versatile Trusted Key PKI USB tokens are USB-interfaced device that offer a variety of security measures, including certificate-based public key infrastructure (PKI) authentication, digital signing, encrypting/decrypting files such as emails and documents, VPN client authentication and more.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4033", "Certificate Number": "4033", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "09/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4033.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4033", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4031", "Certificate Number": "4031", "Vendor Name": "Modius, Inc.", "Module Name": "Modius Cryptographic Security Module (MCSM)", "Module Type": "Software", "Validation Date": "09/14/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4031.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4031", "detail_available": true, "module_name": "Modius Cryptographic Security Module (MCSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Modius Cryptographic Security Module is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4030", "Certificate Number": "4030", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5001E1 Blade with FortiGate-5144C Chassis", "Module Type": "Hardware", "Validation Date": "09/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4030.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4030", "detail_available": true, "module_name": "FortiGate-5001E1 Blade with FortiGate-5144C Chassis", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-5001E1 is an ATCA, blade based, multiple chip, standalone cryptographic module consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4029", "Certificate Number": "4029", "Vendor Name": "Onclave Networks, Inc.", "Module Name": "Onclave FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "09/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4029.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4029", "detail_available": true, "module_name": "Onclave FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Onclave FIPS Object Module for OpenSSL is a general-purpose cryptographic module integrated in Onclave's and third-party products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4028", "Certificate Number": "4028", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's BoringCrypto Module", "Module Type": "Software", "Validation Date": "09/13/202103/27/202311/07/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4028.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4028", "detail_available": true, "module_name": "VMware's BoringCrypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware’s BoringCrypto Module is a software library that implements and provides FIPS 140-2 Approved cryptographic functionalities to various VMware products and services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4027", "Certificate Number": "4027", "Vendor Name": "Aqua Security Software Ltd.", "Module Name": "Aqua OpenSSL Module", "Module Type": "Software", "Validation Date": "09/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4027.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4027", "detail_available": true, "module_name": "Aqua OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Aqua OpenSSL Module is a general purpose cryptographic module incorporated into the Aqua applications to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4026", "Certificate Number": "4026", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ISR 1000 Series Routers without MACSEC", "Module Type": "Hardware", "Validation Date": "09/13/202109/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4026.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4026", "detail_available": true, "module_name": "Cisco ISR 1000 Series Routers without MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Integrated Services Router (ISR) 1000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4024", "Certificate Number": "4024", "Vendor Name": "Splunk Inc.", "Module Name": "Splunk Cryptographic Module", "Module Type": "Software", "Validation Date": "09/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4024.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4024", "detail_available": true, "module_name": "Splunk Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The validation entry is a non-security relevant modification to Cert. #3503.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Splunk Cryptographic Module is a general-purpose cryptographic module integrated in Splunk's products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4023", "Certificate Number": "4023", "Vendor Name": "Ribbon Communications, Inc.", "Module Name": "SBC 5400 Session Border Controller", "Module Type": "Hardware", "Validation Date": "09/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4023.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4023", "detail_available": true, "module_name": "SBC 5400 Session Border Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy. When FIPS Kit 550-06508 is installed, initialized and configured as specified in Section 3 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SBC 5400 Session Border Controller is a high-performance air-cooled, 2U, IP encryption appliance that provides secure SIP-based communications with robust security, reduced latency, real-time encryption (VOIP signaling and media traffic), media transcoding, flexible SIP session routing, and policy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4022", "Certificate Number": "4022", "Vendor Name": "NETSCOUT Systems Inc.", "Module Name": "NETSCOUT-FJA", "Module Type": "Software", "Validation Date": "09/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4022.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4022", "detail_available": true, "module_name": "NETSCOUT-FJA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The NETCOUT Systems Inc. FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well. The module is designed to integrate with the associated Bouncy Castle APIs including those for TLS, X.509, CMS, S/MIME, TSP, PKIX, and OpenPGP.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4021", "Certificate Number": "4021", "Vendor Name": "PESA, Inc.", "Module Name": "PESA Crypto Module", "Module Type": "Software", "Validation Date": "08/31/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4021.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4021", "detail_available": true, "module_name": "PESA Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The PESA Crypto Module is a general-purpose cryptographic module that provides FIPS 140-2 validated cryptographic primitives to secure sensitive information in PESA’s video distribution system.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4020", "Certificate Number": "4020", "Vendor Name": "CommScope Technologies LLC", "Module Name": "Ruckus Networks SmartZone 144 (SZ-144) and SmartZone 300 (SZ-300) WLAN Controllers", "Module Type": "Hardware", "Validation Date": "08/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4020.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4020", "detail_available": true, "module_name": "Ruckus Networks SmartZone 144 (SZ-144) and SmartZone 300 (SZ-300) WLAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 9 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Ruckus SmartZone is an industry leading controller that supports comprehensive management functionality, high performance operation and flexibility to address many different implementation scenarios. Its unique architecture allows the controller to actively manage APs and switches in the network, providing enhanced resiliency and visibility.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4016", "Certificate Number": "4016", "Vendor Name": "Code Corporation", "Module Name": "codeEncrypt", "Module Type": "Software", "Validation Date": "08/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4016.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4016", "detail_available": true, "module_name": "codeEncrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "codeEncrypt module is a comprehensive suite of FIPS Approved algorithms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4015", "Certificate Number": "4015", "Vendor Name": "Verizon", "Module Name": "Verizon OpenSSL Library", "Module Type": "Software", "Validation Date": "08/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4015.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4015", "detail_available": true, "module_name": "Verizon OpenSSL Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The validation entry is a non-security relevant modification to Cert. #3503.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Verizon OpenSSL Library is a software library replacement for applications that use OpenSSL 1.0.2 and require FIPS 140-2 validated cryptography (including FIPS 186-4 RSA KeyGen).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4014", "Certificate Number": "4014", "Vendor Name": "Kyocera Document Solutions Inc.", "Module Name": "MFP Cryptographic Module(A)", "Module Type": "Hardware", "Validation Date": "08/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4014.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4014", "detail_available": true, "module_name": "MFP Cryptographic Module(A)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 10.3 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "MFP Cryptographic Module(A) is a cryptographic security chip for encrypting data written to a storage device and other security function of Kyocera multifunction printer. Secure key generation and fast AES encryption/decryption are offered through SATA interface. SecureBoot verifies the integrity of the firmware when the product starts up." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4012", "Certificate Number": "4012", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "GlobalProtect App", "Module Type": "Software", "Validation Date": "08/19/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4012.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4012", "detail_available": true, "module_name": "GlobalProtect App", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The GlobalProtect App is a software cryptographic module that runs on commerically available operating systems and provides security for mobile users. The GlobalProtect App secures traffic using TLS or IPsec, and allows users to connect to corporate networks to access a company's resources from anywhere in the world (e.g., when users are remote)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4009", "Certificate Number": "4009", "Vendor Name": "NXP Semiconductors", "Module Name": "FIPS SE051", "Module Type": "Hardware", "Validation Date": "08/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4009.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4009", "detail_available": true, "module_name": "FIPS SE051", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "NXP Semiconductors offers the secure element EdgeLock™ SE051 as a turnkey solution for IoT security. It comes with JCOP4, a secure Java Card Operating System based on several independent 3rd party specifications, such as Java Card 3.0.4 specifications or the GlobalPlatform, and an applet optimized for IoT security use cases pre-installed and updatable via SEMS Lite. There is also a version that can be programmed with customer developed applets. The solution is complemented by NXP’s Plug & Trust Middleware, enabling fast time to market & easy design in with host applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4008", "Certificate Number": "4008", "Vendor Name": "DataLocker Inc.", "Module Name": "K350", "Module Type": "Hardware", "Validation Date": "08/11/202108/25/202104/14/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4008.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4008", "detail_available": true, "module_name": "K350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "This module contains the embedded module JCOP 3 SecID P60 CS (OSB) validated to FIPS 140-2 under Cert. #3175 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The K350 is an encrypted portable storage device, featuring three crypto processors, which provide layers of cryptographic protection. It requires no additional software or drivers to be installed on the host PC. It is intended for use by US Federal agencies or other markets that require FIPS 140-2 validated encrypted storage.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4007", "Certificate Number": "4007", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/VM® Version 7 Release 2 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "08/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4007.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4007", "detail_available": true, "module_name": "IBM® z/VM® Version 7 Release 2 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4005", "Certificate Number": "4005", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender SED300", "Module Type": "Hardware", "Validation Date": "08/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4005.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4005", "detail_available": true, "module_name": "Kanguru Defender SED300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Kanguru Defender SED300 is a 256-bit AES hardware encrypted, self-encrypting solid state drive, fully compliant with industry standard TCG Opal SSC protocol, and used primarily to secure data at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4004", "Certificate Number": "4004", "Vendor Name": "Dynatrace, Inc.", "Module Name": "Dynatrace Java Crypto Module", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4004.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4004", "detail_available": true, "module_name": "Dynatrace Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Dynatrace Java Crypto Module is a general-purpose cryptographic module integrated into the Dynatrace Active Gate product to provide FIPS 140-2 validated cryptography for TLS and the protection of other sensitive information.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4002", "Certificate Number": "4002", "Vendor Name": "Tanium, Inc.", "Module Name": "Tanium FIPS OpenSSL Module", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4002.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4002", "detail_available": true, "module_name": "Tanium FIPS OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Tanium FIPS OpenSSL module is a general purpose cryptographic module incorporated into the Tanium Endpoint Platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4001", "Certificate Number": "4001", "Vendor Name": "ControlUp Technologies, Inc", "Module Name": "ControlUp OpenSSL FIPS library", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4001.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4001", "detail_available": true, "module_name": "ControlUp OpenSSL FIPS library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The ControlUp OpenSSL FIPS library is a general purpose cryptographic module incorporated into the ControlUp applications to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4000", "Certificate Number": "4000", "Vendor Name": "Cohesity Inc.", "Module Name": "Cohesity FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4000.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4000", "detail_available": true, "module_name": "Cohesity FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The KeyPair FIPS Object Module is incorporated into Cohesity OS that is supported on various hardware models.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3999", "Certificate Number": "3999", "Vendor Name": "Koninklijke Philips N.V.", "Module Name": "Philips FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3999.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3999", "detail_available": true, "module_name": "Philips FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Philips FIPS Object Module for OpenSSL is a general-purpose cryptographic module integrated in Philips' products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3998", "Certificate Number": "3998", "Vendor Name": "CareView Communications, Inc.", "Module Name": "CareView Cryptographic Module", "Module Type": "Software", "Validation Date": "08/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3998.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3998", "detail_available": true, "module_name": "CareView Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The CareView Cryptographic Module is a software module that provides cryptographic services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3996", "Certificate Number": "3996", "Vendor Name": "Apricorn", "Module Name": "Aegis Fortress L3 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3996.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3996", "detail_available": true, "module_name": "Aegis Fortress L3 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aegis Fortress L3 is a FIPS 140-2 Level 3 validated hardware encrypted USB 3.1 external storage drive. Its software free design allows interface to any host that supports USB and mass storage. Authentication is performed via the embedded keypad and all CSPs (PINs, encryption keys, etc) never leave the device boundary for improved security. The device supports 1 administrator and 1 user and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3994", "Certificate Number": "3994", "Vendor Name": "CommVault Systems, Inc.", "Module Name": "CommVault Crypto Library", "Module Type": "Software", "Validation Date": "07/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3994.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3994", "detail_available": true, "module_name": "CommVault Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CommVault Crypto Library (CVCL) is a cryptographic software module used in various products by CommVault Systems, Inc. The module provides a collection of FIPS Approved and Non-FIPS Approved cryptographic services for key generation, symmetric and asymmetric encryption, hash, HMAC and signature generation/verification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3988", "Certificate Number": "3988", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1000 Series Routers without MACSEC", "Module Type": "Hardware", "Validation Date": "07/19/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3988.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3988", "detail_available": true, "module_name": "Cisco ASR 1000 Series Routers without MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco ASR 1000 Series Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services; reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3985", "Certificate Number": "3985", "Vendor Name": "Marvell", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "07/16/202108/13/202102/14/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3985.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3985", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per Section 10 of the Security Policy. This validation entry is a non-security-relevant modification to Cert. #3788", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated logical I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3984", "Certificate Number": "3984", "Vendor Name": "Coolrock Software Pty Ltd", "Module Name": "OFSM (Obsidian FIPS Security Module)", "Module Type": "Software", "Validation Date": "07/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3984.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3984", "detail_available": true, "module_name": "OFSM (Obsidian FIPS Security Module)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Obsidian FIPS Security Module is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3982", "Certificate Number": "3982", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "R610-F Access Point, R710 Access Point, R720 Access Point, T610 Access Point, T610s Access Point, T710 Access Point, T710s Access Point, E510 Access Point", "Module Type": "Hardware", "Validation Date": "07/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3982.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3982", "detail_available": true, "module_name": "R610-F Access Point, R710 Access Point, R720 Access Point, T610 Access Point, T610s Access Point, T710 Access Point, T710s Access Point, E510 Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2 and 8 of the Security Policy and with the tamper evident seals installed as specified in Section 7 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "R610 is an indoor 802.11ac Wave 2 3x3:3 Wi-Fi AP; R710 is an indoor 802.11ac Wave 2 4x4:4 Wi-Fi AP; R720 is an indoor 802.11ac Wave 2 4x4:4 Wi-Fi AP with 2.5Gbps Backhaul; T610 is an outdoor 802.11ac Wave 2 4x4:4 Wi-Fi AP; T710 is an outdoor 802.11ac Wave 2 4x4:4 Wi-Fi AP; E510 is an embedded 802.11ac Wave 2 Wi-Fi AP with external antenna", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3981", "Certificate Number": "3981", "Vendor Name": "Entrust Corporation", "Module Name": "Entrust Authority™ Security Kernel", "Module Type": "Software", "Validation Date": "07/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3981.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3981", "detail_available": true, "module_name": "Entrust Authority™ Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module [Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Windows Server 2016 Standard] validated to FIPS 140-2 under Cert. #2936 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3976", "Certificate Number": "3976", "Vendor Name": "Keeper Security Inc.", "Module Name": "Keeper Security Cryptographic Module", "Module Type": "Software", "Validation Date": "07/12/202107/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3976.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3976", "detail_available": true, "module_name": "Keeper Security Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Keeper is a password manager application and digital vault that stores passwords, authentication information and other sensitive documents using 256-bit AES encryption, zero-knowledge architecture and two-factor authentication.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3974", "Certificate Number": "3974", "Vendor Name": "HPI Federal LLC", "Module Name": "Poly Crypto Module", "Module Type": "Software", "Validation Date": "07/07/202111/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3974.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3974", "detail_available": true, "module_name": "Poly Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Poly Crypto Module is a standards-based \"Drop-in Compliance\" cryptographic engine for unified communications devices and infrastructure. The module delivers core cryptographic functions to HP Poly devices and features robust algorithm support, including Suite B algorithms. Poly Crypto Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation. The Poly Crypto module is used by the following HP Poly devices: VVX 150, VVX 250, VVX 350, VVX 450.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3972", "Certificate Number": "3972", "Vendor Name": "DataLocker Inc.", "Module Name": "DL4FE", "Module Type": "Hardware", "Validation Date": "07/07/202102/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3972.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3972", "detail_available": true, "module_name": "DL4FE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "This module contains the embedded module JCOP 3 SecID P60 CS (OSB) validated to FIPS 140-2 under Cert. #3175 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DL4FE is an encrypted portable storage device, featuring three crypto processors, which provide layers of cryptographic protection. It requires no additional software or drivers to be installed on the host PC. It is intended for use by US Federal agencies or other markets that require FIPS 140-2 validated encrypted storage.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3967", "Certificate Number": "3967", "Vendor Name": "Extreme Networks, Inc.", "Module Name": "Extreme Networks SLX 9640, SLX 9150 and SLX 9250 Switches", "Module Type": "Hardware", "Validation Date": "07/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3967.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3967", "detail_available": true, "module_name": "Extreme Networks SLX 9640, SLX 9150 and SLX 9250 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Extreme Networks SLX 9640, SLX 9150 and SLX 9250 are Top of Rack (ToR) 1/10/40/100 GbE, low-latency switch for virtualized and cloud environments. Delivers exceptional application performance. Extreme SLX 9640 is an enterprise-class 1/10/40/100GbE routing platform featuring ease of management and high performance in a small footprint to scale out your virtualized and/or cloud network. SLX 9150 and SLX 9250 are enterprise class 1/10/25/40/100GbE switching platforms that meet the demands of operational scalability." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3961", "Certificate Number": "3961", "Vendor Name": "Securemetric Technology Sdn Bhd.", "Module Name": "ST3H Ace Token", "Module Type": "Hardware", "Validation Date": "06/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3961.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3961", "detail_available": true, "module_name": "ST3H Ace Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section 2.12. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HYP2003 Cryptographic Module is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3960", "Certificate Number": "3960", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign HSM Appliance", "Module Type": "Hardware", "Validation Date": "06/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3960.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3960", "detail_available": true, "module_name": "DocuSign HSM Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "DocuSign HSM Appliance is a high-performance cryptographic service provider. It performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3958", "Certificate Number": "3958", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AOS-CX Cryptographic Module", "Module Type": "Software", "Validation Date": "06/22/202106/25/202101/30/202209/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3958.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3958", "detail_available": true, "module_name": "Aruba AOS-CX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba AOS-CX Cryptographic Module is the FIPS validated cryptographic provider for Aruba 10000, 8XXX series, and 6XXX series switches.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3956", "Certificate Number": "3956", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "06/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3956.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3956", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with Red Hat Enterprise Linux 8." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3954", "Certificate Number": "3954", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Google Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "06/14/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3954.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3954", "detail_available": true, "module_name": "Ubuntu 18.04 Google Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Google Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3950", "Certificate Number": "3950", "Vendor Name": "Spectralink", "Module Name": "Spectralink Cryptographic Module for BoringSSL", "Module Type": "Software", "Validation Date": "06/08/202110/21/202111/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3950.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3950", "detail_available": true, "module_name": "Spectralink Cryptographic Module for BoringSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that provides FIPS 140-2 approved algorithms to BoringSSL and other user-space applications on Spectralink Android devices.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3946", "Certificate Number": "3946", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "06/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3946.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3946", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3945", "Certificate Number": "3945", "Vendor Name": "Rambus Inc.", "Module Name": "VaultIP", "Module Type": "Hardware", "Validation Date": "06/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3945.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3945", "detail_available": true, "module_name": "VaultIP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "VaultIP is a Silicon IP Security Module with a secure asset store protecting all valuable assets on your device. It is a stand-alone Root of Trust that offers key management and crypto functions needed for platform and application security. VaultIP offers all security services to manage your device securely through its lifecycle. These include Secure Debug, Secure Provisioning, HUK and Identity protection and secure authentication services. Secure Boot and Communication protocols such as TLS can leverage VaultIP to secure the boot process and protect private communication keys." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3944", "Certificate Number": "3944", "Vendor Name": "Apricorn", "Module Name": "Apricorn FIPS 140-2 Encryption System Gen 2", "Module Type": "Hardware", "Validation Date": "06/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3944.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3944", "detail_available": true, "module_name": "Apricorn FIPS 140-2 Encryption System Gen 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The AFESG2 is a FIPS 140-2 Level 2 validated complete encryption system. Its software-free design allows interface to any host that supports USB and mass storage. All CSPs (PINs, encryption keys, etc.) are protected and never leave the module boundary for improved security. The device supports 1 Admin, 4 Users and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read-only modes, and is compatible with Apricorn’s Aegis Configurator. The AFESG2 is used in the Aegis Fortress, Padlock DT FIPS and Padlock SSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3943", "Certificate Number": "3943", "Vendor Name": "Apricorn", "Module Name": "Aegis Secure Key 3NX Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3943.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3943", "detail_available": true, "module_name": "Aegis Secure Key 3NX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Apricorn Aegis Secure Key 3NX and 3NXC is a FIPS 140-2 Level 3 validated hardware encrypted USB 3.1 memory key. Its software-free design allows interface to any host that supports USB and mass storage. Authentication is performed via the embedded keypad and all CSPs (PINs, encryption keys, etc) never leave the device boundary for improved security. The device supports 1 administrator, 1 user and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3942", "Certificate Number": "3942", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-6300F/6301F/6500F/6501F", "Module Type": "Hardware", "Validation Date": "06/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3942.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3942", "detail_available": true, "module_name": "FortiGate-6300F/6301F/6500F/6501F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-6300F/6301F/6500F/6501F are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3941", "Certificate Number": "3941", "Vendor Name": "Broadcom Inc.", "Module Name": "Broadcom FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "06/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3941.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3941", "detail_available": true, "module_name": "Broadcom FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Broadcom FIPS Module for OpenSSL is a general-purpose cryptographic module integrated in Broadcom’s products and Whitebox switches running Broadcom Network Operating Systems to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3937", "Certificate Number": "3937", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 4 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "05/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3937.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3937", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 4 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules IBM(R) z/OS(R) Version 2 Release 4 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 and IBM(R) z/OS(R) Version 2 Release 4 ICSF PKCS #11 Cryptographic Module validated to FIPS 140-2 under Cert. #3924 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/OS® System SSL provides a rich set of C based application programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3930", "Certificate Number": "3930", "Vendor Name": "Marvell", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "05/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3930.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3930", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per Section 10 of the Security Policy. This validation entry is a non-security-relevant modification to Cert. #3788", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated logical I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3929", "Certificate Number": "3929", "Vendor Name": "Plantronics, Inc.", "Module Name": "Poly Unified Communications Cryptographic Module", "Module Type": "Firmware-Hybrid", "Validation Date": "05/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3929.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3929", "detail_available": true, "module_name": "Poly Unified Communications Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Poly UC Cryptographic Library is a component of Poly's Unified Communications products and solutions. It provides the underlying cryptographic primitives as well as the functionality necessary to support the use of industry-standard secure communications protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3927", "Certificate Number": "3927", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-201E/301E/401E/501E/601E", "Module Type": "Hardware", "Validation Date": "05/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3927.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3927", "detail_available": true, "module_name": "FortiGate-201E/301E/401E/501E/601E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-201E/301E/401E/501E/601E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3924", "Certificate Number": "3924", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 4 ICSF PKCS #11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "05/10/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3924.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3924", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 4 ICSF PKCS #11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module IBM(R) z/OS(R) Version 2 Release 4 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3921", "Certificate Number": "3921", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux Unbreakable Enterprise Kernel (UEK 4) Cryptographic Module", "Module Type": "Software", "Validation Date": "05/04/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3921.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3921", "detail_available": true, "module_name": "Oracle Linux Unbreakable Enterprise Kernel (UEK 4) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux 7 NSS Cryptographic Library validated to FIPS 140-2 under Cert. #3616 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3919", "Certificate Number": "3919", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 4 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "05/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3919.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3919", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 4 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules IBM(R) z/OS(R) Version 2 Release 4 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode and IBM(R) z/OS(R) Version 2 Release 4 ICSF PKCS #11 Cryptographic Module validated to FIPS 140-2 under Cert. #3909 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/OS® System SSL provides a rich set of C based application programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3918", "Certificate Number": "3918", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "05/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3918.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3918", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates random strings whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 8 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3917", "Certificate Number": "3917", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "HUAWEI OptiX OSN 1800 Series", "Module Type": "Hardware", "Validation Date": "05/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3917.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3917", "detail_available": true, "module_name": "HUAWEI OptiX OSN 1800 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode as specified in Section 8 of the Security Policy. The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "OptiX OSN 1800 series provide a truly seamless integration of technologies, serving high-bandwidth packet, OTN and TDM transport application at the edge/aggregation point for metro networks.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3913", "Certificate Number": "3913", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-61E/61F/81E/101E/101F and FortiWiFi-61E", "Module Type": "Hardware", "Validation Date": "05/03/202105/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3913.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3913", "detail_available": true, "module_name": "FortiGate-61E/61F/81E/101E/101F and FortiWiFi-61E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-61E/61F/81E/101E/101F and FortiWiFi-61E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3912", "Certificate Number": "3912", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3401E/3601E/3960E/3980E", "Module Type": "Hardware", "Validation Date": "05/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3912.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3912", "detail_available": true, "module_name": "FortiGate-3401E/3601E/3960E/3980E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-3401E, 3601E, 3960E and 3980E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3909", "Certificate Number": "3909", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 4 ICSF PKCS #11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "04/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3909.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3909", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 4 ICSF PKCS #11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module IBM(R) z/OS(R) Version 2 Release 4 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3906", "Certificate Number": "3906", "Vendor Name": "Senetas Corporation Ltd., distributed by Thales SA (SafeNet)", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "04/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3906.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3906", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 1G Ethernet; operating at a line rate of up to 1Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3905", "Certificate Number": "3905", "Vendor Name": "Senetas Corporation Ltd., distributed by Thales SA (SafeNet)", "Module Name": "CN Series Encryptors", "Module Type": "Hardware", "Validation Date": "04/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3905.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3905", "detail_available": true, "module_name": "CN Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN4010, CN4020, CN6010, CN6140, CN9100 and CN9120 are high-speed hardware encryption platforms that secure data over twisted-pair and optical Ethernet networks. The modules support line rates from 10Mb/s to 100Gb/s. All models except CN4010 are equipped with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES algorithms in CFB, CTR and GCM modes. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3904", "Certificate Number": "3904", "Vendor Name": "Beijing JN TASS Technology Co., Ltd.", "Module Name": "TASS Crypto Engine", "Module Type": "Hardware", "Validation Date": "04/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3904.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3904", "detail_available": true, "module_name": "TASS Crypto Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The tamper evident seals installed as indicated in Section 10.1 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "TASS Crypto Engine is a hardware security module with modern cryptography technology, and features physical security protection measures. It has key management and key wrapping mechanisms, and provides secure application-level cryptographic services for business systems, including message verification, data encryption and decryption, signature generation and verification, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3901", "Certificate Number": "3901", "Vendor Name": "Mist Systems", "Module Name": "FIPS AP43", "Module Type": "Hardware", "Validation Date": "04/19/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3901.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3901", "module_name": "FIPS AP43", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The AP43 Series is a tri-radio 4x4 802.11ax Access Point with maximum data rates of 2,400 Mbps in the 5GHz band and 1,148 Mbps in the 2.4GHz band. The 3rd radio functions as a network, location, and security sensor, a synthetic test client radio, as well as a spectrum monitor.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3900", "Certificate Number": "3900", "Vendor Name": "Samsung Electronic Co. Ltd.", "Module Name": "Samsung BoringSSL Android", "Module Type": "Software", "Validation Date": "04/19/202101/14/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3900.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3900", "detail_available": true, "module_name": "Samsung BoringSSL Android", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3899", "Certificate Number": "3899", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba IAP-303H, IAP-304, IAP-305, IAP-314, IAP-315, IAP-324, IAP-325, IAP-334, and IAP-335 Wireless Access Points with Aruba Instant Firmware", "Module Type": "Hardware", "Validation Date": "04/19/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3899.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3899", "detail_available": true, "module_name": "Aruba IAP-303H, IAP-304, IAP-305, IAP-314, IAP-315, IAP-324, IAP-325, IAP-334, and IAP-335 Wireless Access Points with Aruba Instant Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's Wi-Fi Instant Access Points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba IAPs support the IEEE 802.11i/WPA2 client standard. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies. The built-in GUI provides access to live monitoring and traffic visibility, while network configuration provides full customization of SSIDs, roles, guest access, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3898", "Certificate Number": "3898", "Vendor Name": "Thales Trusted Cyber Technologies", "Module Name": "Luna T7 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/17/202101/14/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3898.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3898", "module_name": "Luna T7 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Luna T7 Cryptographic Module from Thales Trusted Cyber Technologies (TCT) is a high-assurance, tamper-resistant Hardware Security Module (HSM) which secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, an ability to generate quantum enhanced keys, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security. Thales TCT's Lluna HSMs are designed, developed, manufactured, sold, and supported in the United States.", "algorithms": [ "AES", "DES", "SHA", "SHS" ], "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3897", "Certificate Number": "3897", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiWLM-100D and FortiWLM-1000D", "Module Type": "Hardware", "Validation Date": "04/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3897.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3897", "module_name": "FortiWLM-100D and FortiWLM-1000D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy. The tamper evident seals and entropy token installed as indicated in the security policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiWLM-100D and 1000D are multi-chip standalone cryptographic modules consisting of production-grade components in a physically protected enclosure conformant to FIPS 140-2 Level 2 requirements. The modules have similar appearance and functionality but have different numbers and types of network interfaces to support various network configurations: - The FortiWLM-100D has 4 network interfaces with status LEDs for each network interface (4x 10/100/1000 Base-T) - The FortiWLM-1000D has 8 network interfaces with status LEDs for each network interface (4x 10/100/1000 Base-T,4x 1GB SFP)", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3896", "Certificate Number": "3896", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "Panorama 9.0 M-100, M-200, M-500 and M-600", "Module Type": "Hardware", "Validation Date": "04/15/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3896.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3896", "module_name": "Panorama 9.0 M-100, M-200, M-500 and M-600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama 9.0 on the M-100, M-200, M-500 and M-600 provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network. The M-500 and M-600 provide an additional service, the PAN-DB private cloud, which is an on-premise solution suitable for organizations that prohibit or restrict the use of the PAN-DB public cloud service.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3895", "Certificate Number": "3895", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "WildFire 9.0 WF-500", "Module Type": "Hardware", "Validation Date": "04/15/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3895.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3895", "module_name": "WildFire 9.0 WF-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WildFire WF-500 identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3894", "Certificate Number": "3894", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "Panorama Virtual Appliance 9.0", "Module Type": "Software", "Validation Date": "04/15/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3894.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3894", "module_name": "Panorama Virtual Appliance 9.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama Virtual Appliance 9.0 module provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3893", "Certificate Number": "3893", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux Unbreakable Enterprise Kernel (UEK 5) Cryptographic Module", "Module Type": "Software", "Validation Date": "04/15/202101/30/202209/28/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3893.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3893", "detail_available": true, "module_name": "Oracle Linux Unbreakable Enterprise Kernel (UEK 5) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux 7 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #4586 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module provides cryptographic services to applications requiring Kernel level cryptography via the Kernel Crypto API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3892", "Certificate Number": "3892", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "04/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3892.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3892", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 7 OpenSSL Module validated to FIPS 140-2 under Cert. #3867 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3891", "Certificate Number": "3891", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "04/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3891.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3891", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 7 OpenSSL Module validated to FIPS 140-2 under Cert. #3867 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3890", "Certificate Number": "3890", "Vendor Name": "Trend Micro Inc.", "Module Name": "TippingPoint Crypto Core OpenSSL", "Module Type": "Software", "Validation Date": "04/12/202108/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3890.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3890", "detail_available": true, "module_name": "TippingPoint Crypto Core OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro, TippingPoint Crypto Core OpenSSL is a software library which provides FIPS 140-2 approved cryptographic algorithms and services for Trend Micro TippingPoint security products.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3889", "Certificate Number": "3889", "Vendor Name": "General Dynamics Mission Systems", "Module Name": "Fortress Mesh Points", "Module Type": "Hardware", "Validation Date": "04/12/202104/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3889.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3889", "detail_available": true, "module_name": "Fortress Mesh Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocol SNMP shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3888", "Certificate Number": "3888", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "PAN-OS 9.0 VM-Series", "Module Type": "Software", "Validation Date": "04/09/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3888.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3888", "detail_available": true, "module_name": "PAN-OS 9.0 VM-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security, and advanced threat prevention features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3887", "Certificate Number": "3887", "Vendor Name": "Integral Memory Plc", "Module Name": "Integral Crypto AES 256 Bit USB 3.0", "Module Type": "Hardware", "Validation Date": "04/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3887.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3887", "detail_available": true, "module_name": "Integral Crypto AES 256 Bit USB 3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Integral Crypto / Crypto Dual and Envoy Dual FIPS 140-2 Encrypted USB 3.0 Flash Drive offers the data security of military grade 256-bit hardware encryption and tamper-proof circuitry as well as the environmental resistance of a triple-layer case design, ensuring your sensitive data is completely safe and can be taken with you wherever you go." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3886", "Certificate Number": "3886", "Vendor Name": "Utimaco IS GmbH", "Module Name": "CryptoServer CSe-Series", "Module Type": "Hardware", "Validation Date": "04/07/202108/23/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3886.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3886", "detail_available": true, "module_name": "CryptoServer CSe-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The CryptoServer CSe-Series is an encapsulated, protected security module realized as a multi-chip embedded cryptographic module per FIPS 140-2. Its realization meets overall FIPS 140-2 Level 3 requirements, with Level 4 \"Physical Security\". The module's primary purpose is to provide secure cryptographic services such as encryption or decryption (for various algorithms like AES and Triple-DES), hashing, signing and verification of data (RSA, ECDSA, DSA), random number generation, on-board secure key generation, key storage and further key management functions in a tamper-protected environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3885", "Certificate Number": "3885", "Vendor Name": "Allied Telesis", "Module Name": "AT-SBx908 Gen2, AT-x950, AT-x550, AT-x530 Secure Management Module", "Module Type": "Hardware", "Validation Date": "04/06/202108/23/202204/24/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3885.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3885", "detail_available": true, "module_name": "AT-SBx908 Gen2, AT-x950, AT-x550, AT-x530 Secure Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized, and configured as specified in Section 8 of the Security Policy and tamper-evident seals installed as indicated in the Section 5", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The AlliedWare Plus OpenSSL FIPS Object Module is a software library which provides cryptographic support for securing the communication and management of the device. The products certified cover AT-x530, AT-x530L, AT-x550, ATx950 and SwitchBlade x908 Generation 2 models." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3884", "Certificate Number": "3884", "Vendor Name": "Palo Alto Networks, Inc.", "Module Name": "PAN-OS 9.0 Firewalls PA-220, PA-220R, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series", "Module Type": "Hardware", "Validation Date": "04/06/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3884.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3884", "detail_available": true, "module_name": "PAN-OS 9.0 Firewalls PA-220, PA-220R, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-220, PA-220R, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series and PA-7000 Series Firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security policies to safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3883", "Certificate Number": "3883", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12", "Module Type": "Hardware", "Validation Date": "04/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3883.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3883", "detail_available": true, "module_name": "Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3882", "Certificate Number": "3882", "Vendor Name": "HID Global", "Module Name": "HID Global Applets v3.0 on NXP JCOP 3 SecID P60 CS (OSB)", "Module Type": "Hardware", "Validation Date": "04/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3882.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3882", "detail_available": true, "module_name": "HID Global Applets v3.0 on NXP JCOP 3 SecID P60 CS (OSB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The HID Global ActivID Applet v3.0 is a Java Card applet that provides a secure environment for generation, storage and use of cryptographic keys used in security protocols used for authentication, digital signature and key agreement. Devices using this applet can be configured to support contact or contactless interfaces. The ActivID Applet can be configured to support PIV standards (NIST SP 800-73-4 and SP 800-78-4)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3881", "Certificate Number": "3881", "Vendor Name": "BeyondTrust Corporation", "Module Name": "BeyondTrust Cryptographic Module", "Module Type": "Software", "Validation Date": "04/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3881.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3881", "detail_available": true, "module_name": "BeyondTrust Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BeyondTrust Cryptographic Module is utilized by our Secure Remote Access products (Remote Support and Privileged Remote Access) to ensure that secure key management, data integrity, data at rest encryption, and secure communications are performed by a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3880", "Certificate Number": "3880", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FTD FX-OS on 4K/9K Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3880.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3880", "detail_available": true, "module_name": "Cisco FTD FX-OS on 4K/9K Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module Cisco Firepower Threat Defense on 4K/9K Cryptographic Module validated to FIPS 140-2 under Cert. #3821 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "This Cisco Firepower eXtensible Operating System (FX-OS) is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, built for scalability, consistent control, and simplified management. The FX-OS provides provides high performance, flexible input/output configurations, and scalability. A graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features. A command-based interface for configuring features, monitoring chassis status, and accessing advanced troublesho", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3879", "Certificate Number": "3879", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® NVMe FlashCore™ Module 2", "Module Type": "Hardware", "Validation Date": "04/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3879.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3879", "detail_available": true, "module_name": "IBM® NVMe FlashCore™ Module 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 7 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IBM® NVMe FlashCore™ Module2 is a NVMe-connected self-encrypting non-volatile storage module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3878", "Certificate Number": "3878", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "Module Type": "Hardware", "Validation Date": "03/30/202106/01/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3878.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3878", "detail_available": true, "module_name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3877", "Certificate Number": "3877", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower 2100 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3877.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3877", "detail_available": true, "module_name": "Cisco Firepower 2100 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3876", "Certificate Number": "3876", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for HSM", "Module Type": "Hardware", "Validation Date": "03/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3876.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3876", "detail_available": true, "module_name": "CryptoComply for HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "SafeLogic's CryptoComply for HSM is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3875", "Certificate Number": "3875", "Vendor Name": "VMware, Inc.", "Module Name": "VMware OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "03/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3875.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3875", "detail_available": true, "module_name": "VMware OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #2839", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware OpenSSL FIPS Object Module provides cryptographic functions to various VMware applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3874", "Certificate Number": "3874", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9800-CL Wireless Controller", "Module Type": "Software", "Validation Date": "03/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3874.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3874", "detail_available": true, "module_name": "Cisco Catalyst 9800-CL Wireless Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3873", "Certificate Number": "3873", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS9300P", "Module Type": "Hardware", "Validation Date": "03/29/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3873.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3873", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3872", "Certificate Number": "3872", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS9300 S", "Module Type": "Hardware", "Validation Date": "03/29/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3872.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3872", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3871", "Certificate Number": "3871", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS9100 and NS9200", "Module Type": "Hardware", "Validation Date": "03/29/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3871.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3871", "detail_available": true, "module_name": "Network Security Platform Sensor NS9100 and NS9200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3870", "Certificate Number": "3870", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "Module Type": "Hardware", "Validation Date": "03/29/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3870.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3870", "detail_available": true, "module_name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3869", "Certificate Number": "3869", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "Module Type": "Hardware", "Validation Date": "03/29/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3869.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3869", "detail_available": true, "module_name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3868", "Certificate Number": "3868", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9600 Series Switches", "Module Type": "Hardware", "Validation Date": "03/29/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3868.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3868", "detail_available": true, "module_name": "Cisco Catalyst 9600 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9600 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3867", "Certificate Number": "3867", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "03/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3867.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3867", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3866", "Certificate Number": "3866", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "03/25/202109/14/202103/18/202409/17/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3866.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3866", "detail_available": true, "module_name": "Zebra BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3865", "Certificate Number": "3865", "Vendor Name": "Vocera Communications, Inc.", "Module Name": "Vocera Smartbadge Cryptographic Module", "Module Type": "Firmware", "Validation Date": "03/25/202112/22/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3865.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3865", "detail_available": true, "module_name": "Vocera Smartbadge Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Vocera Smartbadge Cryptographic Module is a firmware module that provides the cryptographic primitives (including encryption/decryption, hashing, digital signature functions, and key derivation) needed to support secure communication services to the system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3864", "Certificate Number": "3864", "Vendor Name": "IDEMIA", "Module Name": "ID-One PIV 2.4 on Cosmo V8.2 SPE Configurations", "Module Type": "Hardware", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3864.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3864", "detail_available": true, "module_name": "ID-One PIV 2.4 on Cosmo V8.2 SPE Configurations", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ID-One PIV 2.4 on Cosmo V8.2 – SPE configurations, is a dual interface smartcard chip (ISO 7816 & ISO 14443) that contains a Personal Identity Verification (PIV) application with On-Card-Fingerprints-Comparison that has been enhanced from FIPS 201-2 PIV Standard from NIST to offer higher security and stronger cryptography for an overall level 3 validation and address the needs of Governments and Entreprises around the world.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3863", "Certificate Number": "3863", "Vendor Name": "IDEMIA", "Module Name": "ID-One PIV 2.4 on Cosmo V8.2 NPIVP & CIV Configurations", "Module Type": "Hardware", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3863.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3863", "detail_available": true, "module_name": "ID-One PIV 2.4 on Cosmo V8.2 NPIVP & CIV Configurations", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ID-One PIV 2.4 on Cosmo V8.2, is a dual interface smartcard chip (ISO 7816 & ISO 14443) that contains a Personal Identity Verification (PIV) application with On-Card-Fingerprints-Comparison that can be configured to strictly comply with NIST FIPS 201-2 Standard for US Government Federal Employees and Contractors (NPIVP configuration), or support enhanced functionalities (ANSI 504), and additional access conditions (SO_PIN), as well as stronger cryptography (ECC P521) while maintaining backward compatibility with NPIVP, to address Civilian markets worldwide (CIV configuration).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3862", "Certificate Number": "3862", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Cryptographic Firmware Module", "Module Type": "Firmware", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3862.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3862", "detail_available": true, "module_name": "Motorola Solutions Cryptographic Firmware Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The cryptographic firmware module is used in Motorola Solutions GRV 8000 Comparator to support Project 25 (P25) conventional or voting and simulcast network topologies.", "algorithms": [ "DES", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3861", "Certificate Number": "3861", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Cryptographic Firmware Module", "Module Type": "Firmware", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3861.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3861", "detail_available": true, "module_name": "Motorola Solutions Cryptographic Firmware Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic firmware module used in Motorola Solutions Astro APX series and VX series portable radios." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3860", "Certificate Number": "3860", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3860.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3860", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3859", "Certificate Number": "3859", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto User Space Module for Intel (ccv10)", "Module Type": "Software", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3859.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3859", "detail_available": true, "module_name": "Apple corecrypto User Space Module for Intel (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto User Space Module for Intel (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3858", "Certificate Number": "3858", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto Kernel Space Module for Intel (ccv10)", "Module Type": "Software", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3858.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3858", "detail_available": true, "module_name": "Apple corecrypto Kernel Space Module for Intel (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto Kernel Space Module for Intel (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3857", "Certificate Number": "3857", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "03/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3857.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3857", "detail_available": true, "module_name": "VMware's OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #3550", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware's OpenSSL FIPS Object Module v2.0.20-vmw is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3856", "Certificate Number": "3856", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto User Space Module for ARM (ccv10)", "Module Type": "Software", "Validation Date": "03/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3856.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3856", "detail_available": true, "module_name": "Apple corecrypto User Space Module for ARM (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto User Space Module for ARM (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3855", "Certificate Number": "3855", "Vendor Name": "Apple Inc.", "Module Name": "Apple corecrypto Kernel Space Module for ARM (ccv10)", "Module Type": "Software", "Validation Date": "03/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3855.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3855", "detail_available": true, "module_name": "Apple corecrypto Kernel Space Module for ARM (ccv10)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple corecrypto Kernel Space Module for ARM (ccv10) is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3854", "Certificate Number": "3854", "Vendor Name": "HID Global", "Module Name": "HID Global Applets v3.0 on NXP JCOP 3 SecID P60 CS (OSB)", "Module Type": "Hardware", "Validation Date": "03/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3854.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3854", "detail_available": true, "module_name": "HID Global Applets v3.0 on NXP JCOP 3 SecID P60 CS (OSB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.1 of the Security Policy.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The HID Global ActivID Applet v3.0 is a Java Card applet that provides a secure environment for generation, storage and use of cryptographic keys used in security protocols used for authentication, digital signature and key agreement. Devices using this applet can be configured to support contact or contactless interfaces. The ActivID Applet can be configured to support PIV standards (NIST SP 800-73-4 and SP 800-78-4)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3853", "Certificate Number": "3853", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9300 Series Switches", "Module Type": "Hardware", "Validation Date": "03/18/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3853.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3853", "detail_available": true, "module_name": "Cisco Catalyst 9300 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9300 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3852", "Certificate Number": "3852", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9200L Series Switches", "Module Type": "Hardware", "Validation Date": "03/18/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3852.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3852", "detail_available": true, "module_name": "Cisco Catalyst 9200L Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200L Series switches are the industry’s unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3851", "Certificate Number": "3851", "Vendor Name": "Google, LLC.", "Module Name": "Titan Security Key, Chip Boundary", "Module Type": "Hardware", "Validation Date": "03/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3851.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3851", "detail_available": true, "module_name": "Titan Security Key, Chip Boundary", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Implemented with Google's \"Titan\" secure microcontroller and custom firmware, the Titan Security Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3850", "Certificate Number": "3850", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign Signature Appliance", "Module Type": "Hardware", "Validation Date": "03/18/202109/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3850.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3850", "detail_available": true, "module_name": "DocuSign Signature Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data. The DocuSign Signature Appliance also enables organization using AES based encryption keys for encrypting/decrypting data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3849", "Certificate Number": "3849", "Vendor Name": "Renesas Electronics Corporation", "Module Name": "RX65N-2MB Security Management Module", "Module Type": "Hardware", "Validation Date": "03/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3849.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3849", "detail_available": true, "module_name": "RX65N-2MB Security Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "\"RX65N-2MB Security Management Module\" is provided as a reference for developers creating FIPS 140-2-compliant products using the RX65N-2MB. The module has security hardware called \"TSIP\", which has encryption engine and random number generator. TSIP and firmware implement various cryptographic algorithms, key management, secure boot, and secure firmware update. In this module, the plaintext keys exists only inside TSIP which restricts external access.", "algorithms": [ "AES", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3848", "Certificate Number": "3848", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "03/15/202111/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3848.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3848", "detail_available": true, "module_name": "SUSE Linux Enterprise Server libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Libgcrypt is a general purpose cryptographic library based on the code from GnuPG.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3847", "Certificate Number": "3847", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3847.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3847", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3846", "Certificate Number": "3846", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's BoringCrypto Module", "Module Type": "Software", "Validation Date": "03/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3846.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3846", "detail_available": true, "module_name": "VMware's BoringCrypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware’s BoringCrypto Module is a versatile software library that implements FIPS 140-2 Approved cryptographic services for VMware products and platforms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3845", "Certificate Number": "3845", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3845.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3845", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3844", "Certificate Number": "3844", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX10003 3D Universal Edge Router with JNP-MIC1-MACSEC MACSec MIC and EX9253 Ethernet Switch with EX9253-6Q12C-M MACSec Line Card", "Module Type": "Hardware", "Validation Date": "03/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3844.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3844", "detail_available": true, "module_name": "Juniper Networks MX10003 3D Universal Edge Router with JNP-MIC1-MACSEC MACSec MIC and EX9253 Ethernet Switch with EX9253-6Q12C-M MACSec Line Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper MX and EX9200 Series are comprehensive, Scalable and secure switching and routing solutions specifically designed to meet the needs of campus, enterprises and service providers. They deliver high performance, reliability and scale to enable a cost-effective solution.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3843", "Certificate Number": "3843", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliance (ASA) Virtual", "Module Type": "Software", "Validation Date": "03/10/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3843.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3843", "detail_available": true, "module_name": "Cisco Adaptive Security Appliance (ASA) Virtual", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA Virtual Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3842", "Certificate Number": "3842", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "03/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3842.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3842", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3841", "Certificate Number": "3841", "Vendor Name": "F5 Networks, Inc", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3841.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3841", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3840", "Certificate Number": "3840", "Vendor Name": "NXP Semiconductors", "Module Name": "SE050", "Module Type": "Hardware", "Validation Date": "03/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3840.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3840", "detail_available": true, "module_name": "SE050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "NXP Semiconductors offers the secure element EdgeLock™ SE050 as a turnkey solution for IoT security. It comes with JCOP4, a secure Java Card Operating System based on several independent 3rd party specifications, such as Java Card 3.0.4 specifications or the GlobalPlatform, and an applet optimized for IoT security use cases pre-installed. The solution is complemented by NXP’s Plug & Trust Middleware, enabling fast time to market & easy design in with host applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3839", "Certificate Number": "3839", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/04/202102/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3839.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3839", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3838", "Certificate Number": "3838", "Vendor Name": "Intel Corporation", "Module Name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "Module Type": "Firmware-Hybrid", "Validation Date": "03/04/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3838.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3838", "detail_available": true, "module_name": "Cryptographic Module for Intel® Platforms' Security Engine Chipset", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2.3 and 9.1 of the Security Policy. When entropy is externally loaded, no assurance of the minimum strength of generated keys.", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Module for Intel® CSME is a hardware-firmware hybrid module present on Intel® PCH platforms. The module performs crypto functions for CSME applications, including but are not limited to: PTT (Platform Trust Technology), AMT (Active Management Technology), and DAL (Dynamic Application Loader)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3837", "Certificate Number": "3837", "Vendor Name": "Landis+Gyr", "Module Name": "ESCRYPT's CycurLIB", "Module Type": "Software", "Validation Date": "03/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3837.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3837", "detail_available": true, "module_name": "ESCRYPT's CycurLIB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CycurLIB is a software library providing a C-language Application Program Interfaces (APIs) for use by other processes that require cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3836", "Certificate Number": "3836", "Vendor Name": "Rancher Labs", "Module Name": "Rancher Kubernetes Cryptographic Library", "Module Type": "Software", "Validation Date": "03/03/202103/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3836.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3836", "detail_available": true, "module_name": "Rancher Kubernetes Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 9.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptography to serve Rancher’s Kubernetes platform and its ecosystem of supported cloud-native tools written in the Go programming language.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3835", "Certificate Number": "3835", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9200 Series Switches", "Module Type": "Hardware", "Validation Date": "03/03/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3835.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3835", "detail_available": true, "module_name": "Cisco Catalyst 9200 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200 Series switches are the industry’s unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3834", "Certificate Number": "3834", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9400 Series Switches", "Module Type": "Hardware", "Validation Date": "03/03/202108/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3834.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3834", "detail_available": true, "module_name": "Cisco Catalyst 9400 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9400 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3833", "Certificate Number": "3833", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1101E/2000E/2201E/2500E/3301E", "Module Type": "Hardware", "Validation Date": "03/03/202105/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3833.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3833", "detail_available": true, "module_name": "FortiGate-1101E/2000E/2201E/2500E/3301E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-1101E, 2000E, 2201E, 2500E and 3301E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3832", "Certificate Number": "3832", "Vendor Name": "Gigamon Inc.", "Module Name": "GigaVUE-HC3 Visibility Appliance", "Module Type": "Hardware", "Validation Date": "03/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3832.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3832", "detail_available": true, "module_name": "GigaVUE-HC3 Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when installed, initialized, and configured as specified in Section 1.2 of the Security Policy”", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The GigaVUE-HC3 visibility node comes in a modular, mid-sized form factor to address complex network visibility requirements for both enterprise and service provider networks. With a broad spectrum of traffic management capabilities and a versatile, high-performance, multi-purpose design, GigaVUE-HC3 helps to future-proof IT." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3831", "Certificate Number": "3831", "Vendor Name": "Gigamon Inc.", "Module Name": "GigaVUE-HC2 Visibility Appliance", "Module Type": "Hardware", "Validation Date": "03/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3831.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3831", "detail_available": true, "module_name": "GigaVUE-HC2 Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The GigaVUE-HC2 visibility node comes in a modular, mid-sized form factor to address complex network visibility requirements for both enterprise and service provider networks. With a broad spectrum of traffic management capabilities and a versatile, high-performance, multi-purpose design, GigaVUE-HC2 helps to future-proof IT." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3830", "Certificate Number": "3830", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "X4i Hardware Security Module (HSM)", "Module Type": "Hardware", "Validation Date": "02/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3830.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3830", "detail_available": true, "module_name": "X4i Hardware Security Module (HSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The X4i HSM is a single chip cryptographic module using the Maxim MAX32590 hardware. The central purpose of the module is as a physical computing device that safeguards and manages cryptographic keys and provides cryptographic services to connected host devices. The module uses a number of strong identity-based authentication mechanisms to provide authentication, integrity, and (when necessary) non-repudiation.", "algorithms": [ "AES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3829", "Certificate Number": "3829", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for HSM", "Module Type": "Hardware", "Validation Date": "02/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3829.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3829", "detail_available": true, "module_name": "CryptoComply for HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "SafeLogic's CryptoComply for HSM is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3828", "Certificate Number": "3828", "Vendor Name": "Honeywell International Inc.", "Module Name": "Honeywell Mobility Edge™ BoringCrypto", "Module Type": "Software", "Validation Date": "02/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3828.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3828", "detail_available": true, "module_name": "Honeywell Mobility Edge™ BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Honeywell Mobility Edge™ Boring SSL cryptographic module is a library that provides FIPS 140-2 approved cryptographic algorithms for the BoringSSL and other user-space Android applications which require cryptographic functionality. The physical cryptographic boundary is Honeywell Android mobile computer on which this module is installed.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3827", "Certificate Number": "3827", "Vendor Name": "QSC, LLC", "Module Name": "CMS-5000", "Module Type": "Hardware", "Validation Date": "02/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3827.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3827", "detail_available": true, "module_name": "CMS-5000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The QSC CMS-5000 Cinema Media Server supports JPEG-2000 decoding of high frame rate 4K and 2K images with up to 6TB of advanced solid state storage. Two USB 3.0 ports and a 10Gb Ethernet port enable accelerated ingest of content. The CMS-5000 supports immersive audio formats with rendering of up to 64 channels. The CMS-5000 can be directly interfaced with Q-SYS, QSC’s network platform for integrated sound, picture, and control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3826", "Certificate Number": "3826", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "02/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3826.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3826", "detail_available": true, "module_name": "Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3825", "Certificate Number": "3825", "Vendor Name": "VMware, Inc.", "Module Name": "VMware’s Linux Cryptographic Module", "Module Type": "Software", "Validation Date": "02/24/202112/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3825.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3825", "detail_available": true, "module_name": "VMware’s Linux Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware's Linux Cryptographic Module is a general purpose cryptographic implementation in the kernel of Photon OS that provides FIPS Approved functionalities to various applications.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3824", "Certificate Number": "3824", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "02/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3824.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3824", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3823", "Certificate Number": "3823", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA and ISA Firepower Threat Defense Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "02/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3823.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3823", "detail_available": true, "module_name": "Cisco ASA and ISA Firepower Threat Defense Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the functions of ASA and FirePOWER deployed on Cisco Firepower 4100 Series and the Firepower 9300 appliances as well the FTD can be also be deployed on Cisco Firepower Threat Defense (FTD) ASA 5508-X, ASA 5516-X, ISA 3000-4C and ISA 3000-2C2F.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3822", "Certificate Number": "3822", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX4300-48MP Ethernet Switch", "Module Type": "Hardware", "Validation Date": "02/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3822.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3822", "detail_available": true, "module_name": "Juniper Networks EX4300-48MP Ethernet Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "EX4300 line of Ethernet switches provide full suite of Layer2 and Layer 3 switching capabilities. EX4300-48MP supports 100 Mbps, 1Gbps, 2.5 Gbps, 5 Gbps and 10Gbps speeds on access ports and PoE++ devices.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3821", "Certificate Number": "3821", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense on 4K/9K Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/23/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3821.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3821", "detail_available": true, "module_name": "Cisco Firepower Threat Defense on 4K/9K Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the function of ASA and FirePOWER in one platform. This consolidates next-generation firewall, including stateful firewalling, routing, Next-Generation Intrusion Prevention System (NGIPS), Application Visibility and Control (AVC), URL filtering, and Advanced Malware Protection (AMP).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3820", "Certificate Number": "3820", "Vendor Name": "Dell Inc. BSAFE Team", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "Module Type": "Software", "Validation Date": "02/17/202102/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3820.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3820", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3819", "Certificate Number": "3819", "Vendor Name": "Dell Inc, BSAFE Product Team", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "Module Type": "Software", "Validation Date": "02/17/202102/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3819.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3819", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3818", "Certificate Number": "3818", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Network Convergence System 1004 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3818.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3818", "detail_available": true, "module_name": "Cisco Network Convergence System 1004 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco NCS 1000 Series offers three chassis variants to meet varying scale and space requirements. This Cisco Network Convergence System (NCS) Family of products provides an Evolved Programmable Network (EPN) which simplify network operations, reduce network costs, and make your network more dynamic and profitable. The Cisco Network Convergence System 1000 Series (NCS1000 Series) delivers agility, programmability, and massive scale across ultra-long-haul, metro, and enterprise optical networks.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3817", "Certificate Number": "3817", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Network Convergence System 1001 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3817.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3817", "detail_available": true, "module_name": "Cisco Network Convergence System 1001 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco NCS 1000 Series offers three chassis variants to meet varying scale and space requirements. This Cisco« Network Convergence System (NCS) Family of products provides an Evolved Programmable Network (EPN) which simplify network operations, reduce network costs, and make your network more dynamic and profitable. The Cisco Network Convergence System 1000 Series (NCS1000 Series) delivers agility, programmability, and massive scale across ultra-long-haul, metro, and enterprise optical networks.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3816", "Certificate Number": "3816", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Junos Space Network Management Platform, with or without Network Director and with or without Security Director in JA2500", "Module Type": "Hardware", "Validation Date": "02/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3816.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3816", "detail_available": true, "module_name": "Junos Space Network Management Platform, with or without Network Director and with or without Security Director in JA2500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FIPS enabled Junos Space platform and the NM applications (Network Director & Security Director) installed on this platform will provide secured environment for managing the Juniper Devices.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3815", "Certificate Number": "3815", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ISR 4000 Series Routers with MACSEC", "Module Type": "Hardware", "Validation Date": "02/09/202106/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3815.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3815", "detail_available": true, "module_name": "Cisco ISR 4000 Series Routers with MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Integrated Services Router (ISR) 4000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3814", "Certificate Number": "3814", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 6.0 and 6.2", "Module Type": "Firmware", "Validation Date": "02/08/202108/23/202105/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3814.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3814", "detail_available": true, "module_name": "FortiOS 6.0 and 6.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3813", "Certificate Number": "3813", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "02/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3813.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3813", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PCKS#12, and other required structures which is shipped with Red Hat Enterprise Linux 7.6." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3812", "Certificate Number": "3812", "Vendor Name": "Palo Alto Networks", "Module Name": "Palo Alto Networks Cortex XSOAR Module", "Module Type": "Software", "Validation Date": "02/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3812.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3812", "detail_available": true, "module_name": "Palo Alto Networks Cortex XSOAR Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cortex™ XSOAR by Palo Alto Networks is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration and threat intel management to serve security teams across the incident lifecycle." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3811", "Certificate Number": "3811", "Vendor Name": "Apple Inc.", "Module Name": "Apple Secure Key Store Cryptographic Module, v10.0", "Module Type": "Hardware", "Validation Date": "02/05/202103/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3811.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3811", "detail_available": true, "module_name": "Apple Secure Key Store Cryptographic Module, v10.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Apple Secure Key Store Cryptographic Module is a single-chip standalone hardware cryptographic module running on a multi-chip device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3810", "Certificate Number": "3810", "Vendor Name": "Hewlett Packard Enterprise Company", "Module Name": "HPE XP8 Encrypt Backend 4pk NVMe I/O Mod (eDKBN)", "Module Type": "Hardware", "Validation Date": "02/03/202105/25/202105/25/202307/30/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3810.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3810", "detail_available": true, "module_name": "HPE XP8 Encrypt Backend 4pk NVMe I/O Mod (eDKBN)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "algorithms": [ "AES", "HMAC", "KTS", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3809", "Certificate Number": "3809", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "Module Type": "Software", "Validation Date": "02/03/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3809.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3809", "detail_available": true, "module_name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The virtualized offering of the Cisco FirePOWER next-generation IPS (NGIPS) solution providing the Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. This virtualized highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3808", "Certificate Number": "3808", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® DC SS540 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "02/02/202106/21/202110/24/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3808.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3808", "detail_available": true, "module_name": "Ultrastar® DC SS540 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Western Digital's Ultrastar® Self-Encrypting TCG Enterprise drives meet or exceed the most demanding performance and security requirements. The Ultrastar DC SS540, Western Digital's 6th generation SAS SSD drive, leverages 96-layer 3D TLC NAND technology to deliver performance and a proven reliability track record. The Ultrastar DC SS540 is available in capacities from 400GB to 15.36TB and delivers up to 470K/240K Random Read/Random Wright IOPS. Desired features, power options and multiple endurance SKUs make it a best value for ultra high performance tier-0 enterprise storage, HPC and SDS.", "algorithms": [ "DRBG", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3807", "Certificate Number": "3807", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA and ISA Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "02/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3807.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3807", "detail_available": true, "module_name": "Cisco ASA and ISA Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The core operating system for the Cisco ASA and ISA series appliances. From a small desktop form factor, rack mounted units, to ruggedized unit offering stateful firewall with a comprehensive range of next-generation network security services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3806", "Certificate Number": "3806", "Vendor Name": "Laird Connectivity", "Module Name": "Summit Linux FIPS Core Crypto Module", "Module Type": "Software-Hybrid", "Validation Date": "02/02/202101/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3806.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3806", "detail_available": true, "module_name": "Summit Linux FIPS Core Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.1 of the Security Policy.", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Laird's 60 Series SOM and WB50NBT bring all of Laird's industry competence and capabilities into one solution. The SOM provides superior enterprise-class Wi-Fi and Bluetooth connectivity. This solution is equipped with a Cortex A5 applications processor, wireless and wired connectivity, enterprise-grade security, LCD support for the 60 Series SOM, and comprehensive Linux board support package (BSP). The 60 SOM is the ideal system-on-module, and the WB50NBT, the ideal wireless bridge for devices that require superior connectivity.", "algorithms": [ "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3805", "Certificate Number": "3805", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE2", "Module Type": "Hardware", "Validation Date": "02/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3805.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3805", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Key Variable Loader (KVL) 4000 PIKE2 provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA. The KVL 4000 allows programmers to generate, transport, and load encryption keys, securely and efficiently into secure communication products thereby enabling secure encrypted communications.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3804", "Certificate Number": "3804", "Vendor Name": "PreVeil, Inc.", "Module Name": "PreVeil Cryptographic Module", "Module Type": "Software", "Validation Date": "01/29/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3804.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3804", "detail_available": true, "module_name": "PreVeil Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "PreVeil Cryptographic module is a PreVeil code module that provides various cryptographic operations in a secure, uniform way to the other components in the PreVeil SaaS platform and client software that make up PreVeil's end-to-end encrypted messaging and file sharing service currently available for free individual and paid enterprise use.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3803", "Certificate Number": "3803", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Module for NVMe", "Module Type": "Hardware", "Validation Date": "01/28/202104/13/202105/25/202307/30/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3803.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3803", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Module for NVMe", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "algorithms": [ "AES", "HMAC", "KTS", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3802", "Certificate Number": "3802", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "01/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3802.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3802", "detail_available": true, "module_name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks QFX series switches are high performance, high density data center switches. The QFX switches provide high performance, wire speed switching with low latency and jitter. The QFX series switches provide the universal building blocks for multiple data center fabric architectures.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3801", "Certificate Number": "3801", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS9500", "Module Type": "Hardware", "Validation Date": "01/26/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3801.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3801", "detail_available": true, "module_name": "Network Security Platform Sensor NS9500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3800", "Certificate Number": "3800", "Vendor Name": "Dell EMC", "Module Name": "VNX 6 Gb/s SAS I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "01/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3800.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3800", "detail_available": true, "module_name": "VNX 6 Gb/s SAS I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The VNX 6Gb/s SAS I/O Module with Encryption is an optimized solution for native SAS/SATA HBA applications. It is the heart of any VNX storage system, providing the interface to the physical storage media. Its benefits include cost and universal drive support for SAS and SATA disks. The VNX 6Gb/s SAS I/O Module with Encryption is a high-density SAS controller solution that significantly increases total system performance, diagnostics, scalability and manageability. It provides the highest density, lowest power/port SAS controller solution available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3799", "Certificate Number": "3799", "Vendor Name": "Feitian Technologies Co., Ltd.", "Module Name": "ePass2003 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3799.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3799", "detail_available": true, "module_name": "ePass2003 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section 2.12. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ePass2003 Cryptographic Module is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3798", "Certificate Number": "3798", "Vendor Name": "Trellix", "Module Name": "Network Security Platform Sensor NS3500", "Module Type": "Hardware", "Validation Date": "01/25/202106/28/202106/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3798.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3798", "detail_available": true, "module_name": "Network Security Platform Sensor NS3500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3797", "Certificate Number": "3797", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "01/25/202111/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3797.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3797", "detail_available": true, "module_name": "SUSE Linux Enterprise Server OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3796", "Certificate Number": "3796", "Vendor Name": "Thales", "Module Name": "IDPrime 930 / 3930", "Module Type": "Hardware", "Validation Date": "01/25/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3796.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3796", "detail_available": true, "module_name": "IDPrime 930 / 3930", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDPrime 930 & 3930 are Minidriver enabled PKI smartcards, contact (930) and dual interface (3930), offering all the necessary services (with either RSA up to 4096 key length or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure. It's includes a re-initialization feature for customers who are not using a CMS.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3795", "Certificate Number": "3795", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "Module Type": "Hardware", "Validation Date": "01/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3795.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3795", "detail_available": true, "module_name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #3789 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "This Cisco Firepower eXtensible Operating System (FX-OS) is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, built for scalability, consistent control, and simplified management. The FX-OS provides provides high performance, flexible input/output configurations, and scalability. A graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features. A command-based interface for configuring features, monitoring chassis status, and accessing advanced troublesho", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3794", "Certificate Number": "3794", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "01/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3794.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3794", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates random strings whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 8 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3793", "Certificate Number": "3793", "Vendor Name": "iStorage Ltd.", "Module Name": "iStorage datAshur PRO² Level 3 Secure Storage Drive", "Module Type": "Hardware", "Validation Date": "01/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3793.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3793", "detail_available": true, "module_name": "iStorage datAshur PRO² Level 3 Secure Storage Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The iStorage datAshur PRO² Level 3 Secure Storage Drive is an encrypted storage device that provides a secure way to store and transfer data. User authentication is self-contained via an on-board keypad. User data is protected by hardware-based 256-bit AES encryption to secure sensitive information in the event that the drive is lost or stolen.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3792", "Certificate Number": "3792", "Vendor Name": "FP InovoLabs GmbH", "Module Name": "NRevenector 2018", "Module Type": "Hardware", "Validation Date": "01/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3792.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3792", "detail_available": true, "module_name": "NRevenector 2018", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Francotyp-Postalia Holding AG (FP) is one of the leading global suppliers of mail center solutions and increasingly a provider of Industrial Iot (IIoT) solutions. FP produces and supports equipment incorporating a hardware security module (HSM) that securely connects to network infrastructures. The HSM performs cryptographic functions and physically protects both Critical Security Parameters and Application Relevant Data Items from unauthorized access and substitution. The NRevenector 2018 provides strong protection for running and updating application-specific firmware inside the HSM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3791", "Certificate Number": "3791", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "01/11/202102/10/202105/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3791.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3791", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3790", "Certificate Number": "3790", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Firmware", "Validation Date": "01/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3790.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3790", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3789", "Certificate Number": "3789", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3789.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3789", "detail_available": true, "module_name": "Cisco ASA Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The market-leading Cisco ASA delivering robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA provides comprehensive security, performance, and reliability for network environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3788", "Certificate Number": "3788", "Vendor Name": "Marvell", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "01/05/202101/22/202102/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3788.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3788", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per Section 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated logical I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3787", "Certificate Number": "3787", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Secure Processing Unit (SPU)", "Module Type": "Hardware", "Validation Date": "12/31/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3787.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3787", "detail_available": true, "module_name": "Qualcomm® Secure Processing Unit (SPU)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The cryptographic module is implemented in the Secure Processing Unit (SPU) hardware, which resides in Qualcomm® Snapdragon ™ 865 Mobile Platform processors" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3786", "Certificate Number": "3786", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643a/PM1645a Series", "Module Type": "Hardware", "Validation Date": "12/30/202011/30/202112/31/202102/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3786.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3786", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643a/PM1645a Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643a/PM1645a Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS-2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3785", "Certificate Number": "3785", "Vendor Name": "Novachips Co., Ltd.", "Module Name": "NS361/NS371/NS561 (2.5\" & M.2) SSD", "Module Type": "Hardware", "Validation Date": "12/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3785.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3785", "detail_available": true, "module_name": "NS361/NS371/NS561 (2.5\" & M.2) SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a SATA and PCIe data storage device which is based on NVS3800 ASIC controller and non-volatile memories. Within boundary, ASIC controller implements NDRNG, DRBG and AES-256 security functions with firmware integrity verification using SHA-256." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3784", "Certificate Number": "3784", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3784.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3784", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The libgcrypt FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the libgcrypt library delivered with RHEL 8." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3783", "Certificate Number": "3783", "Vendor Name": "Fujitsu Network Communications, Inc.", "Module Name": "1FINITY™ T600 Transport Blade", "Module Type": "Hardware", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3783.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3783", "detail_available": true, "module_name": "1FINITY™ T600 Transport Blade", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 10 of the Security Policy and operated in FIPS mode. The tamper evident seals installed as indicated in the security policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The T600 platform enables data center operators and cloud providers to support the demands of the hyperconnected digital economy and deliver highspeed transport at programmable data rates from 200, 300, 400, 500 or 600 Gbps over a single wavelength. Software-selectable DWDM modes enable deployment in networks that employ the ITU G.694.1 DWDM flexible grid options. This enables variable capacity from 12.8 Tbps to 38.4 Tbps per fiber." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3782", "Certificate Number": "3782", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3782.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3782", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3781", "Certificate Number": "3781", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3781.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3781", "detail_available": true, "module_name": "Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3780", "Certificate Number": "3780", "Vendor Name": "Redpine Signals, Inc.", "Module Name": "RS9113", "Module Type": "Hardware", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3780.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3780", "detail_available": true, "module_name": "RS9113", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 5.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The RS9113 modules' family is based on Redpine Signals' RS9113 ultra-low-power Convergence SoC. These modules offer dual-band 1x1 802.11n in a single device. They are high performance, long range and ultra-low power modules. The modules provide guaranteed availability of connectivity at all locations within the defined zones, availability at all times, devices' mobility, security of data collection and transmission to backend database, low power for battery operated devices and bandwidth needs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3779", "Certificate Number": "3779", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Junos Space Network Management Platform, with or without Network Director and with or without Security Director in Virtual Appliance", "Module Type": "Software", "Validation Date": "12/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3779.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3779", "detail_available": true, "module_name": "Junos Space Network Management Platform, with or without Network Director and with or without Security Director in Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 6 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FIPS enabled Junos Space platform and the NM applications (Network Director & Security Director) installed on this platform will provide secured environment for managing the Juniper Devices.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3778", "Certificate Number": "3778", "Vendor Name": "FP InovoLabs GmbH", "Module Name": "Postal NRevenector GB 2019", "Module Type": "Hardware", "Validation Date": "12/18/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3778.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3778", "detail_available": true, "module_name": "Postal NRevenector GB 2019", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "FP InovoLabs GmbH is a wholly-owned subsidiary of Francotyp-Postalia Holding AG (FP), one of the leading global suppliers of mail center solutions. A major component of FP’s business is the production and support of postal franking machines (postage meters). These postal franking machines incorporate a postal security device (PSD) that performs all postage meter cryptographic and postal security functions and which protects both Critical Security Parameters (CSPs) and Postal Relevant Data Items (PRDIs) from unauthorized access. The Postal NRevenector GB 2019 is FP’s latest generation of PSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3777", "Certificate Number": "3777", "Vendor Name": "Draeger Medical Systems, Inc.", "Module Name": "DRAEGER WCM9113 802.11ABGN VG2", "Module Type": "Hardware", "Validation Date": "12/18/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3777.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3777", "detail_available": true, "module_name": "DRAEGER WCM9113 802.11ABGN VG2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 5.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Draeger WCM9113 802.11ABGN VG2 is a dual band 802.11n Wireless Communications Module used in a variety of Draeger products for wireless communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3776", "Certificate Number": "3776", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "IMS3-SM", "Module Type": "Hardware", "Validation Date": "12/18/202004/03/2026", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3776.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3776", "detail_available": true, "module_name": "IMS3-SM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IMS3-SM is the module that contains the security manager present in the Dolby® IMS3000 (Product Model: CID1002) for hardware models IMS3-41, IMS3-42, IMS3-43, IMS3C-11, IMS3C-12, and IMS3C-13. The Dolby® IMS3000 can be hosted inside Digital Cinema DLP projectors (for hardware models IMS3-41, IMS3-42, and IMS3-43) or inside a LED display (for hardware models IMS3C-11, IMS3C-12, and IMS3C-13). It supports the highest JPEG-2000 decoding capabilities and also accepts alternative content." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3775", "Certificate Number": "3775", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1000 Series Routers with MACSEC", "Module Type": "Hardware", "Validation Date": "12/18/202006/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3775.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3775", "detail_available": true, "module_name": "Cisco ASR 1000 Series Routers with MACSEC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3774", "Certificate Number": "3774", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "12/18/202011/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3774.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3774", "detail_available": true, "module_name": "SUSE Linux Enterprise Server Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in section 10.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Linux Enterprise Server Kernel Crypto API Module provides cryptographic services to the Linux operating system kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3773", "Certificate Number": "3773", "Vendor Name": "Acronis SCS", "Module Name": "Acronis SCS Cryptographic Module", "Module Type": "Software", "Validation Date": "12/16/202011/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3773.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3773", "detail_available": true, "module_name": "Acronis SCS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Acronis SCS Cryptographic Module is a component of the Acronis Backup software solution (version 12.5 and later). It provides the underlying cryptographic functionality necessary to support the use of secure communications protocols, encrypted backups, and secure file sharing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3772", "Certificate Number": "3772", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Virtual SmartZone (vSZ) WLAN Controller", "Module Type": "Software", "Validation Date": "12/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3772.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3772", "detail_available": true, "module_name": "Virtual SmartZone (vSZ) WLAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Virtual SmartZone (vSZ-E and vSZ-H hosted on a physical device) is an NFV-based WLAN controller for service providers and enterprises ready to elevate their WLAN deployment to the next level of flexibility, resiliency, and scale.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3771", "Certificate Number": "3771", "Vendor Name": "ICU Medical, Inc.", "Module Name": "LifeCare PCA™ Infusion Pump", "Module Type": "Hardware", "Validation Date": "12/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3771.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3771", "detail_available": true, "module_name": "LifeCare PCA™ Infusion Pump", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "LifeCare PCA™ is a Patient-Controlled Analgesia Infusion System with Full IV-EHR Interoperability.With the ICU Medical LifeCare PCA patient-controlled analgesia infusion system, you can be confident you are safely delivering the right drug at the right dose to the right patient in the right concentration. As the first and only PCA system with an integrated barcode reader and full IV-EHR interoperability, LifeCare PCA offers streamlined programming." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3770", "Certificate Number": "3770", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Trusted Execution Environment Software Cryptographic Library", "Module Type": "Software-Hybrid", "Validation Date": "12/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3770.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3770", "detail_available": true, "module_name": "Qualcomm® Trusted Execution Environment Software Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Qualcomm(R) Pseudo Random Number Generator validated to FIPS 140-2 under Cert. #3114 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Single Chip", "description": "Qualcomm Trusted Execution Environment Software Cryptographic Library provides various software cryptographic functionalities to the 32/64 bit Qualcomm Trusted Execution Environment Trusted Applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3769", "Certificate Number": "3769", "Vendor Name": "Cambium Networks", "Module Name": "PTP 820C, PTP 820C-HP, PTP 820C 2E2SX, PTP 820S, PTP 820N, PTP 820A, PTP 820G, and PTP 820GX", "Module Type": "Hardware", "Validation Date": "12/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3769.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3769", "detail_available": true, "module_name": "PTP 820C, PTP 820C-HP, PTP 820C 2E2SX, PTP 820S, PTP 820N, PTP 820A, PTP 820G, and PTP 820GX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "PTP 820 is a Point-to-Point wireless broadband solution for mission-critical communications in government, industrial and public safety spaces. Integrated with leading networking functionality with the industry most advanced microwave technologies, the platform creates a superior transport solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3768", "Certificate Number": "3768", "Vendor Name": "REDCOM Laboratories, Inc.", "Module Name": "REDCOM OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3768.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3768", "detail_available": true, "module_name": "REDCOM OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "REDCOM OpenSSL Cryptographic Module is used with various REDCOM products. The module offloads functions for key management, data integrity, data at rest encryption, and communications to a trusted implementation. The module is a multi-chip standalone embodiment installed on a General-Purpose Device and relies on physical characteristics of the host. The physical cryptographic boundary is defined by the enclosure of the host platform. Operations occur via calls from host applications and their internal daemons/processes. As such there are no untrusted services calling the services of the module", "algorithms": [ "CVL", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3767", "Certificate Number": "3767", "Vendor Name": "GDC Technology (USA) LLC", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "12/11/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3767.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3767", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digitial cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3766", "Certificate Number": "3766", "Vendor Name": "Entrust", "Module Name": "nShield Solo XC F3 & nShield Solo XC F3 for nShield Connect XC and for nShield HSMi", "Module Type": "Hardware", "Validation Date": "12/10/202002/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3766.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3766", "detail_available": true, "module_name": "nShield Solo XC F3 & nShield Solo XC F3 for nShield Connect XC and for nShield HSMi", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC and nShield HSMi network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3765", "Certificate Number": "3765", "Vendor Name": "Entrust", "Module Name": "nShield Solo XC F2", "Module Type": "Hardware", "Validation Date": "12/10/202002/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3765.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3765", "detail_available": true, "module_name": "nShield Solo XC F2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F2 PCIe card, sold as nShield XC F2 PCIe server-embedded hardware security modules (HSMs) are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield module is FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3764", "Certificate Number": "3764", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Aruba 2930F, 2930M, 3810M and 5400R zl2 Switch Series", "Module Type": "Hardware", "Validation Date": "12/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3764.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3764", "detail_available": true, "module_name": "Aruba 2930F, 2930M, 3810M and 5400R zl2 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba 2930F, 2930M and 3810M Switch Series are designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. The 2930F is basic Layer 3 switch that supports 10GbE uplinks, PoE+, robust QoS, RIP Routing, Access OSPF, and IPV6, ACLs. The module delivers consistent wired/wireless user experience with unified management tools such as Aruba ClearPass Policy Manager and Aruba Airwave. The 2930M and 3810M are Layer 3 access switches that support 10GbE and 40GbE uplinks, Dual Modular Power Supplies, full PoE+, HPE Smart Rat" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3763", "Certificate Number": "3763", "Vendor Name": "Trusted Concepts, Inc.", "Module Name": "TrustedKeep Encryption Module", "Module Type": "Software", "Validation Date": "12/10/202008/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3763.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3763", "detail_available": true, "module_name": "TrustedKeep Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "TrustedKeep is a secure object storage and sharing platform designed from the ground up for object-level encryption. Each object stored is assigned one or more unique encryption keys that never leave the TrustedKeep boundary, preventing engineering mistakes resulting in leaks of key material or sensitive data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3762", "Certificate Number": "3762", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V2.0", "Module Type": "Software-Hybrid", "Validation Date": "12/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3762.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3762", "detail_available": true, "module_name": "Samsung Flash Memory Protector V2.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The hardware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3761", "Certificate Number": "3761", "Vendor Name": "Domo Tactical Communications (DTC) Limited", "Module Name": "SOLSDR NETNode Security Module", "Module Type": "Firmware", "Validation Date": "12/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3761.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3761", "detail_available": true, "module_name": "SOLSDR NETNode Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Single Chip", "description": "The SOLSDR NETNode security module resides within the SOLSDR and NETNode IP Mesh Phase 5 product families onwards. It provides FIPS140-2 compliant AES128 and AES256 encryption and decryption functions and include two modes of operation both software only and hardware accelerated.", "algorithms": [ "AES", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3760", "Certificate Number": "3760", "Vendor Name": "Entrust", "Module Name": "nShield Solo XC F3 & nShield Solo XC F3 for nShield Connect XC and for nShield HSMi", "Module Type": "Hardware", "Validation Date": "12/09/202002/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3760.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3760", "detail_available": true, "module_name": "nShield Solo XC F3 & nShield Solo XC F3 for nShield Connect XC and for nShield HSMi", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC and nShield HSMi network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 3 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3759", "Certificate Number": "3759", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "12/07/202010/16/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3759.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3759", "detail_available": true, "module_name": "Qualcomm® Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm® Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments. Crypto Engine Core version 5.5.0 is supported by various Qualcomm platforms including Snapdragon® 865 Mobile Platform, QCM8250, and QCS8250." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3758", "Certificate Number": "3758", "Vendor Name": "Phison Electronics Corporation", "Module Name": "Phison TCG OPAL SSC SSD Series", "Module Type": "Hardware", "Validation Date": "12/07/202001/14/202205/17/202406/21/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3758.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3758", "detail_available": true, "module_name": "Phison TCG OPAL SSC SSD Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Phison TCG Opal SSC SSD series are high-performance self-encrypting solid state drives with the support of NVMe and SATA interface. User data is protected by AES256-XTS on-the-fly hardware encryption/decryption without compromising transfer rates. This SSD series implement various FIPS approved cryptographic algorithms and FIPS approved services are provided through compliance with the industry-standard TCG Opal SSC protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3757", "Certificate Number": "3757", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "12/07/202001/15/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3757.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3757", "detail_available": true, "module_name": "Oracle Linux 7 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 GnuTLS Cryptographic Module is a set of libraries implementing general purpose cryptographic algorithms and network protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3756", "Certificate Number": "3756", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 5000 PIKE2", "Module Type": "Hardware", "Validation Date": "12/03/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3756.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3756", "detail_available": true, "module_name": "Key Variable Loader (KVL) 5000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Key Variable Loader (KVL) 5000 PIKE2 provides security services for the KVL 5000. The KVL 5000 is a portable key distribution device that consists of KVL Host Application processor and KVL 5000 PIKE2 Hardware Security Module (HSM). The KVL 5000 allows programmers to generate, transport, and load encryption keys, securely and efficiently into secure communication products thereby enabling secure encrypted communications.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3755", "Certificate Number": "3755", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1733 Series", "Module Type": "Hardware", "Validation Date": "12/03/202001/06/202103/10/202102/22/202207/05/202209/14/202307/11/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3755.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3755", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1733 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1733 Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS 2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3754", "Certificate Number": "3754", "Vendor Name": "Quantum Xchange", "Module Name": "Quantum Xchange FIPS Module", "Module Type": "Software", "Validation Date": "12/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3754.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3754", "detail_available": true, "module_name": "Quantum Xchange FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy and operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Quantum Xchange FIPS Module provides FIPS 140-2 validated cryptography for the solutions delivered by Quantum Xchange.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3753", "Certificate Number": "3753", "Vendor Name": "Google, LLC.", "Module Name": "BoringCrypto Android", "Module Type": "Software", "Validation Date": "12/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3753.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3753", "detail_available": true, "module_name": "BoringCrypto Android", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3752", "Certificate Number": "3752", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "WatchGuard Firebox M270[1], M370[2], M470[3], M570[4], M670[5]", "Module Type": "Hardware", "Validation Date": "12/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3752.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3752", "detail_available": true, "module_name": "WatchGuard Firebox M270[1], M370[2], M470[3], M570[4], M670[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WatchGuard® Firebox appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need. And the FIREBOX appliances are completely configurable - turn on or off components and services to fit different network security deployment requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3751", "Certificate Number": "3751", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "WatchGuard Firebox T15[1], T15-W[2], T35[3], T35-W[4], T55[5], T55-W[6], T70[7]", "Module Type": "Hardware", "Validation Date": "12/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3751.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3751", "detail_available": true, "module_name": "WatchGuard Firebox T15[1], T15-W[2], T35[3], T35-W[4], T55[5], T55-W[6], T70[7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WatchGuard® Firebox appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need. And the FIREBOX appliances are completely configurable - turn on or off components and services to fit different network security deployment requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3750", "Certificate Number": "3750", "Vendor Name": "Memkor, Inc.", "Module Name": "Memkor MKD-O2F 2.5\"/M.2/U.2 SSD", "Module Type": "Hardware", "Validation Date": "11/30/202012/11/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3750.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3750", "detail_available": true, "module_name": "Memkor MKD-O2F 2.5\"/M.2/U.2 SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a SATA and PCIe data storage device which is based on MK328F ASIC controller and non-volatile memories. Within boundary, ASIC controller implements NDRNG, DRBG and AES-256 security functions with firmware integrity verification using SHA-256." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3749", "Certificate Number": "3749", "Vendor Name": "Infinera Corporation", "Module Name": "mTera Universal Transport Platform", "Module Type": "Hardware", "Validation Date": "11/25/202008/15/202309/14/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3749.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3749", "detail_available": true, "module_name": "mTera Universal Transport Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode; When installed, initialized and configured as specified in Section 11 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The mTera UTP is a flexible and scalable universal transport platform that can dynamically adapt to changing traffic patterns and address multiple use cases. Its capacity ranges from 2.8Tbps to 7.0Tbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3748", "Certificate Number": "3748", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "11/24/202005/18/202109/21/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3748.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3748", "detail_available": true, "module_name": "Ubuntu 18.04 Libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Libgcrypt library implementation providing cryptographic services to Linux user space software components in general and to GnuPG in particular." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3747", "Certificate Number": "3747", "Vendor Name": "Infineon Technologies AG", "Module Name": "Trusted Platform Module 2.0 SLI / SLM 9670", "Module Type": "Hardware", "Validation Date": "11/24/202009/06/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3747.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3747", "detail_available": true, "module_name": "Trusted Platform Module 2.0 SLI / SLM 9670", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, initialized, and configured as specified in Sections 8.1, 9 and 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TPM is a single chip module that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality in e-commerce and internet communications within a Trusted Computing Platform. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.38, September 2016 (ISO/IEC 11889:2015, Parts 1-4), Errata Version 1.4. See http://www.trustedcomputinggroup.org/ for further information on TCG and TPM.", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3746", "Certificate Number": "3746", "Vendor Name": "NXP Semiconductors", "Module Name": "JCOP4 P71", "Module Type": "Hardware", "Validation Date": "11/23/202010/07/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3746.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3746", "detail_available": true, "module_name": "JCOP4 P71", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "NXP Semiconductors offers JCOP, a secure Java Card Operating System based on several independent 3rd party specifications, such as Java Card 3.0.5 specifications, the GlobalPlatform card specifications, and a few International Organization for Standards (like ISO7816), EMV (Europay, Mastercard and VISA) and others. By adhering to these standards, JCOP4 P71 ensures large interoperability with third-party applets providers, card issuers as well as all existing Smart Card infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3745", "Certificate Number": "3745", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "11/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3745.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3745", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3744", "Certificate Number": "3744", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX2300, EX2300-C and EX3400 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "11/17/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3744.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3744", "detail_available": true, "module_name": "Juniper Networks EX2300, EX2300-C and EX3400 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 6 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3743", "Certificate Number": "3743", "Vendor Name": "RSA Security, LLC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "11/16/202004/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3743.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3743", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Crypto-C Micro Edition (ME) Module is RSA's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3742", "Certificate Number": "3742", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM983 Series", "Module Type": "Hardware", "Validation Date": "11/13/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3742.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3742", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM983 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Samsung NVMe TCG Opal SSC SEDs PM983 Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-256 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3741", "Certificate Number": "3741", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "10/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3741.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3741", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per Section 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3254", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3740", "Certificate Number": "3740", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module", "Module Type": "Software", "Validation Date": "10/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3740.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3740", "detail_available": true, "module_name": "Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower Threat Defense (FTD) solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content security and secure unified communications. All running in a virtual environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3739", "Certificate Number": "3739", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "AWS Nitro Card Security Engine", "Module Type": "Firmware-Hybrid", "Validation Date": "10/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3739.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3739", "detail_available": true, "module_name": "AWS Nitro Card Security Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The AWS Nitro Card Security Engine is a multi-chip standalone firmware-hybrid module. The Approved cryptographic services provided by the module are: - Data encryption / decryption utilizing symmetric ciphers, i.e. AES algorithms. - Computation of hash values, i.e. SHA-256, SHA-512. - Message authentication utilizing HMAC-SHA256, HMAC-SHA512, hashing algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3738", "Certificate Number": "3738", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Ruckus Wireless, Inc. R710, R610, R720, T610 and T710 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "10/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3738.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3738", "detail_available": true, "module_name": "Ruckus Wireless, Inc. R710, R610, R720, T610 and T710 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. This validation entry is a non-security-relevant modification to Cert. #3393", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Wireless, Inc. Wi-Fi, switching and software portfolio builds on more than a decade's worth of patented technologies to offer better connections that enable awesome customer experiences-at a fraction of the cost of alternatives. Our indoor and outdoor wireless access points fit just about any budget, performance requirement or deployment scenario.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3737", "Certificate Number": "3737", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways", "Module Type": "Hardware", "Validation Date": "10/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3737.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3737", "detail_available": true, "module_name": "Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3736", "Certificate Number": "3736", "Vendor Name": "Kemp Technologies Inc.", "Module Name": "LoadMaster FIPS Object Module", "Module Type": "Software", "Validation Date": "10/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3736.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3736", "detail_available": true, "module_name": "LoadMaster FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LoadMaster is a family of load balancing appliances running a custom operating system developed by Kemp Technologies Inc.", "algorithms": [ "CVL", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3735", "Certificate Number": "3735", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba Mobility Controller Virtual Appliances with ArubaOS FIPS Firmware", "Module Type": "Firmware", "Validation Date": "10/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3735.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3735", "detail_available": true, "module_name": "Aruba Mobility Controller Virtual Appliances with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 8 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3734", "Certificate Number": "3734", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba Virtual and Hardware Mobility Master Appliances with ArubaOS FIPS Firmware", "Module Type": "Firmware", "Validation Date": "10/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3734.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3734", "detail_available": true, "module_name": "Aruba Virtual and Hardware Mobility Master Appliances with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Masters simplify the management of multiple Aruba controllers running ArubaOS. Key features include a centralized dashboard to easily see and manage controllers, configuration hierarchy to customize deployments for various sites, and live firmware and feature upgrades to improve network reliability during active user sessions. The addition of licensing pools simplifies the transfer of licenses between different controllers to quickly address expanded deployment needs.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3733", "Certificate Number": "3733", "Vendor Name": "Fornetix LLC", "Module Name": "Fornetix® Key Orchestration(tm)", "Module Type": "Hardware", "Validation Date": "10/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3733.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3733", "detail_available": true, "module_name": "Fornetix® Key Orchestration(tm)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 6.9 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Fornetix Key Orchestration provides scalable, secure, and interoperable orchestration of cryptography and key lifecycle management for IoT, Datacenter and Cloud Applications. OpenSSL is used in the Key Orchestration Appliance is used as an exportable cryptography engine supporting cryptographic lifecycle operations executed by the appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3732", "Certificate Number": "3732", "Vendor Name": "Citrix Systems, Inc.", "Module Name": "Citrix ADC VPX", "Module Type": "Software", "Validation Date": "10/22/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3732.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3732", "detail_available": true, "module_name": "Citrix ADC VPX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section [3.1.3] of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Citrix ADC VPX is a virtual application delivery controller that provides the best possible experience to users with flexible deployment options, intelligent global load balancing, centralized management from a single pane, and integrated application and API security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3731", "Certificate Number": "3731", "Vendor Name": "Entrust", "Module Name": "nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi", "Module Type": "Hardware", "Validation Date": "10/21/202002/17/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3731.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3731", "detail_available": true, "module_name": "nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3730", "Certificate Number": "3730", "Vendor Name": "Entrust", "Module Name": "nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi", "Module Type": "Hardware", "Validation Date": "10/21/202002/17/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3730.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3730", "detail_available": true, "module_name": "nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3729", "Certificate Number": "3729", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec PGP Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3729.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3729", "detail_available": true, "module_name": "Symantec PGP Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3728", "Certificate Number": "3728", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "Module Type": "Software", "Validation Date": "10/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3728.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3728", "detail_available": true, "module_name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Firepower Management Center Virtual working like the Firepower Management Center appliance aggregates and correlates network traffic information and performance data, assessing the impact of events on particular hosts. You can monitor the information that your device reports, and assess and control the overall activity that occurs on your network. The FMCv also controls the network management features on your devices: switching, routing, NAT and VPN.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3727", "Certificate Number": "3727", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM, MiniHSM for nShield Edge F3, and MiniHSM for Time Stamp Master Clock", "Module Type": "Hardware", "Validation Date": "10/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3727.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3727", "detail_available": true, "module_name": "MiniHSM, MiniHSM for nShield Edge F3, and MiniHSM for Time Stamp Master Clock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The MiniHSM, MiniHSM for nShield Edge F3 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3726", "Certificate Number": "3726", "Vendor Name": "Entrust", "Module Name": "nShield F2 500+ & nShield F2 1500+ & nShield F2 6000+", "Module Type": "Hardware", "Validation Date": "10/19/202002/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3726.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3726", "detail_available": true, "module_name": "nShield F2 500+ & nShield F2 1500+ & nShield F2 6000+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F2 500+ & nShield F2 1500+ & nShield F2 6000+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.", "algorithms": [ "CVL", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3725", "Certificate Number": "3725", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 16.04 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "10/09/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3725.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3725", "detail_available": true, "module_name": "Ubuntu 16.04 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3724", "Certificate Number": "3724", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 16.04 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "10/07/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3724.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3724", "detail_available": true, "module_name": "Ubuntu 16.04 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 16.04 Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3723", "Certificate Number": "3723", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 3504, 5520, and 8540 Wireless LAN Controllers, Version 8.10", "Module Type": "Hardware", "Validation Date": "10/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3723.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3723", "detail_available": true, "module_name": "Cisco Systems 3504, 5520, and 8540 Wireless LAN Controllers, Version 8.10", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3722", "Certificate Number": "3722", "Vendor Name": "Ceragon Networks, Ltd.", "Module Name": "FibeAir® IP-20C, FibeAir® IP-20C-HP, FibeAir® IP-20C 2E2SX, FibeAir® IP-20S, FibeAir® IP-20N, FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX", "Module Type": "Hardware", "Validation Date": "10/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3722.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3722", "detail_available": true, "module_name": "FibeAir® IP-20C, FibeAir® IP-20C-HP, FibeAir® IP-20C 2E2SX, FibeAir® IP-20S, FibeAir® IP-20N, FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "FibeAir IP-20 platform provides secured wireless backhaul solutions to deliver mission-critical multimedia services, 4G and other applications with high security and reliability. The platform provides multi gigabit wireless links in 4-86GHz frequency bands, supporting IP and TDM services in a wide range of topologies and network architectures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3721", "Certificate Number": "3721", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "Module Type": "Hardware", "Validation Date": "10/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3721.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3721", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3720", "Certificate Number": "3720", "Vendor Name": "Metaswitch Networks Ltd", "Module Name": "OpenSSH Server Cryptographic Module for Perimeta SBC", "Module Type": "Software", "Validation Date": "10/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3720.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3720", "detail_available": true, "module_name": "OpenSSH Server Cryptographic Module for Perimeta SBC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module OpenSSL Cryptographic Module for Perimeta SBC validated to FIPS 140-2 under Cert. #3657 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Perimeta is the first cloud native virtualized session border controller (vSBC) proven to deliver the Session Initiation Protocol (SIP) interworking and security performance demanded of large-scale rich communications services. The OpenSSH Server cryptographic module provides cryptographic services to the users of the Perimeta SBC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3719", "Certificate Number": "3719", "Vendor Name": "Metaswitch Networks Ltd", "Module Name": "OpenSSH Client Cryptographic Module for Perimeta SBC", "Module Type": "Software", "Validation Date": "10/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3719.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3719", "detail_available": true, "module_name": "OpenSSH Client Cryptographic Module for Perimeta SBC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module OpenSSL Cryptographic Module for Perimeta SBC validated to FIPS 140-2 under Cert. #3657 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Perimeta is the first cloud native virtualized session border controller (vSBC) proven to deliver the Session Initiation Protocol (SIP) interworking and security performance demanded of large-scale rich communications services. The OpenSSH Client cryptographic module provides cryptographic services to the users of the Perimeta SBC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3718", "Certificate Number": "3718", "Vendor Name": "Marvell Semiconductor Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "09/29/202011/10/202001/15/202108/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3718.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3718", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3717", "Certificate Number": "3717", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NFX150 Network Services Platform", "Module Type": "Hardware", "Validation Date": "09/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3717.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3717", "detail_available": true, "module_name": "Juniper Networks NFX150 Network Services Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The NFX150 Network Services Platform provides multiple network connections and an open, standards-based architecture. It uses SRX Series next-generation firewall software for security. The NFX150 delivers business services, such as SD-WAN. It is for enterprise organizations and for service providers that deliver managed services to the enterprise.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3716", "Certificate Number": "3716", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Wireless LAN Access points 1702i, 2702e/i, 3702e/i/p, Version 8.10", "Module Type": "Hardware", "Validation Date": "09/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3716.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3716", "detail_available": true, "module_name": "Cisco Wireless LAN Access points 1702i, 2702e/i, 3702e/i/p, Version 8.10", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3715", "Certificate Number": "3715", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Software", "Validation Date": "09/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3715.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3715", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1729", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3714", "Certificate Number": "3714", "Vendor Name": "Extron Electronics", "Module Name": "Extron FIPS Module", "Module Type": "Software", "Validation Date": "09/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3714.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3714", "detail_available": true, "module_name": "Extron FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode (built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy). Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Extron FIPS Module is a cryptographic module whose purpose is to provide FIPS 140-2 validated cryptographic functions.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3713", "Certificate Number": "3713", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Software", "Validation Date": "09/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3713.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3713", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1579", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3712", "Certificate Number": "3712", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWall Network Security Virtual Appliances", "Module Type": "Firmware", "Validation Date": "09/22/202009/30/202002/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3712.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3712", "detail_available": true, "module_name": "SonicWall Network Security Virtual Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.3.1 and 8 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The NSv series delivers the automated real-time breach detection and prevention organizations need by utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform. This platform delivers cloud-based threat prevention and network management plus reporting and analytics for organizations of any size." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3711", "Certificate Number": "3711", "Vendor Name": "Alteryx Inc.", "Module Name": "Alteryx Cryptographic Module", "Module Type": "Software", "Validation Date": "09/21/202012/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3711.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3711", "detail_available": true, "module_name": "Alteryx Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Alteryx FIPS Module for OpenSSL is a general-purpose cryptographic module integrated in Alteryx’s products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3710", "Certificate Number": "3710", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "09/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3710.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3710", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3709", "Certificate Number": "3709", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3709.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3709", "detail_available": true, "module_name": "Amazon Linux 2 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Amazon Linux 2 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3646 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in the Amazon Linux 2 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3708", "Certificate Number": "3708", "Vendor Name": "AudioCodes Ltd.", "Module Name": "Mediant Session Border Controllers", "Module Type": "Hardware", "Validation Date": "09/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3708.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3708", "detail_available": true, "module_name": "Mediant Session Border Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The AudioCodes Mediant family of Session Border Controllers (SBCs) offers a line of versatile IP communications platforms that connect VoIP and TDM networks, built on years of carrier-grade VoIP deployments and expertise.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3707", "Certificate Number": "3707", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock", "Module Type": "Hardware", "Validation Date": "09/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3707.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3707", "detail_available": true, "module_name": "MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The MiniHSM, MiniHSM for nShield Edge F2 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3706", "Certificate Number": "3706", "Vendor Name": "Enovate Medical LLC", "Module Name": "Enovate Medical FIPS Cryptographic Module for EcoFlex, Rhythm, Envoy, and Encore", "Module Type": "Software", "Validation Date": "09/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3706.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3706", "detail_available": true, "module_name": "Enovate Medical FIPS Cryptographic Module for EcoFlex, Rhythm, Envoy, and Encore", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Enovate Medical FIPS Cryptographic Module, based off of OpenSSL, is a general-purpose cryptographic module integrated in Enovate Medical's products such as EcoFlex, Rhythm, Envoy, and Encore to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3705", "Certificate Number": "3705", "Vendor Name": "Juniper Networks, Inc", "Module Name": "Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways", "Module Type": "Hardware", "Validation Date": "09/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3705.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3705", "detail_available": true, "module_name": "Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SRX1500, SRX4100, SRX4200 and SRX4600 Service Gateways offer outstanding protection, performance, scalability, availability, and integrated security services. Designed for high-performance security services architecture, and seamless integration of networking and security in a single platform, the SRX1500, SRX4100, SRX4200 and SRX 4600 are best suited for campuses, regional headquarters and enterprise data centers with a focus on application visibility and control, intrusion prevention, advanced threat protection, authentication, confidentiality of information, and integrated cloud-based security.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3704", "Certificate Number": "3704", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1562e/i/d/ps, 2802e/i, 3802e/i/p, 4800 Wireless LAN Access points, Version 8.10, 16.12", "Module Type": "Hardware", "Validation Date": "08/29/202003/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3704.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3704", "detail_available": true, "module_name": "Cisco Aironet 1562e/i/d/ps, 2802e/i, 3802e/i/p, 4800 Wireless LAN Access points, Version 8.10, 16.12", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3703", "Certificate Number": "3703", "Vendor Name": "Apricorn", "Module Name": "Aegis Secure Key 3NX Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3703.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3703", "detail_available": true, "module_name": "Aegis Secure Key 3NX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Apricorn Aegis Secure Key 3NX is a FIPS 140-2 Level 3 validated hardware encrypted USB 3.1 memory key. Its software-free design allows interface to any host that supports USB and mass storage. Authentication is performed via the embedded keypad and all CSPs (PINs, encryption keys, etc) never leave the device boundary for improved security. The device supports 1 administrator and 1 user and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3702", "Certificate Number": "3702", "Vendor Name": "D2iQ Inc.", "Module Name": "D2iQ BoringCrypto Cryptographic Security Module", "Module Type": "Software", "Validation Date": "08/19/202011/25/202012/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3702.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3702", "detail_available": true, "module_name": "D2iQ BoringCrypto Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "D2iQ BoringCrypto Cryptographic Security Module is a general-purpose cryptographic library to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3701", "Certificate Number": "3701", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7650 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "08/17/202011/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3701.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3701", "detail_available": true, "module_name": "FastIron ICX™ 7650 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When assembled as per Security Policy Table 2, and configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7650 Switch is designed to meet the new challenges of the multi-gigabit wireless era. It delivers non-blocking performance, high availability, and scalability with multi-gigabit Ethernet access (2.5/5/10GbE), high PoE output with 802.3bt** support as well as 10 Gigabit Ethernet Aggregation and 40/100GbE uplink options.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3700", "Certificate Number": "3700", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7450 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "08/17/202011/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3700.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3700", "detail_available": true, "module_name": "FastIron ICX™ 7450 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When assembled as per Security Policy Table 3, and configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7450 delivers unprecedented scale-out density with enterprise-class availability. With SDN support, a service module for IPsec VPN, and 40 GbE ports for uplinks all in a stackable design, these switches enable services to be added anywhere in the network.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3699", "Certificate Number": "3699", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "08/17/202009/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3699.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3699", "detail_available": true, "module_name": "Oracle Linux 7 Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 10 of the Security Policy. When operated in FIPS mode with Oracle Linux 7 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3616 operating in FIPS mode and Oracle Linux 7 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3474 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux 7 Libreswan Cryptographic Module is a framework for providing cryptographic services to other network entities implementing the IKEv1 and IKEv2 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3698", "Certificate Number": "3698", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "08/17/202011/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3698.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3698", "detail_available": true, "module_name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When the ICX7750 is assembled as per Security Policy Table 7, and configured in FIPS Approved Mode as per Security Policy Section 10", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ICX 7750 switch delivers leading 10/40 GbE port density, advanced high-availability capabilities, and flexible stacking architecture, making for a robust Ruckus aggregation and core distributed chassis switch offering for enterprise LANs. The ICX 7250 switch combines enterprise-class features, manageability and the flexibility and \"pay as you grow\" scalability of a stackable solution. The ICX 7150 family of stackable switches delivers the performance, flexibility, and scalability required for enterprise access deployment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3697", "Certificate Number": "3697", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® DC HC530 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "08/17/202004/22/202201/27/202309/19/202301/24/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3697.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3697", "detail_available": true, "module_name": "Ultrastar® DC HC530 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Western Digital self-encrypting 14TB Ultrastar® DC HC530 TCG Enterprise Hard-Disk drives meet or exceed the most demanding performance and security requirements. The Ultrastar DC HC530, utilize fifth-generation HelioSeal technology. Designed to handle workloads up to 550TB per year, the CMR based Ultrastar DC HC530 provides drop-in simplicity in enterprise and cloud data centers. TDMR technology and a third-generation dual-stage microactuator work together to enhance head-positioning accuracy and deliver better performance, data integrity and overall drive reliability.", "algorithms": [ "DRBG", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3696", "Certificate Number": "3696", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Ruckus Wireless Cloudpath Enrollment System", "Module Type": "Software", "Validation Date": "08/12/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3696.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3696", "detail_available": true, "module_name": "Ruckus Wireless Cloudpath Enrollment System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When operated per the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cloudpath Enrollment System (ES) software is a security and policy management platform that enables any IT organization to protect the network by easily and definitively securing users and their wired and wireless devices.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3695", "Certificate Number": "3695", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3695.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3695", "detail_available": true, "module_name": "Cisco Firepower Threat Defense Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shield installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The 1K is a family of three platforms, 1010 for desktop and 1120 and 1140 for rack mount. While the 2K is a family of four threat-focused NGFW security rack mount platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3693", "Certificate Number": "3693", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7850 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "07/28/202011/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3693.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3693", "detail_available": true, "module_name": "FastIron ICX™ 7850 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX™ 7850 Switch is designed to meet the challenges of high performance campus and data centers. It delivers non­blocking line-rate performance on all ports concurrently, with a switching capacity up to 6.4 Tbps. It supports the next generation Ethernet speeds with 10/25 Gigabit Ethernet at the aggregation and 40/100 Gigabit Ethernet at the core to meet high volume of traffic driving from the edge into the core. It also supports a rich array of routing protocols and delivers a range of high-availability hardware and software features.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3692", "Certificate Number": "3692", "Vendor Name": "Raonsecure Co., Ltd.", "Module Name": "Key# crypto", "Module Type": "Software", "Validation Date": "07/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3692.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3692", "detail_available": true, "module_name": "Key# crypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Key# crypto cryptographic module is a C-based multi-chip standalone dynamic library for Microsoft Windows, based purely in software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3691", "Certificate Number": "3691", "Vendor Name": "NXP Semiconductors Netherlands B.V.", "Module Name": "SXF1800", "Module Type": "Hardware", "Validation Date": "07/28/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3691.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3691", "detail_available": true, "module_name": "SXF1800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode; When installed, initialized and configured as specified in Section 8 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The NXP RoadLINK SXF1800 Secure Element is supporting tamper resistant cryptographic functionality as required by V2X standards and applications. The SXF1800 is designed for configurable support for North American and European V2X standards defined to protect the integrity of exchanged safety messages and to enable authentication of V2X participants.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "KDF", "KTS", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690", "Certificate Number": "3690", "Vendor Name": "Microsoft Corporation", "Module Name": "Virtual TPM", "Module Type": "Software", "Validation Date": "07/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690", "detail_available": true, "module_name": "Virtual TPM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3196 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3644 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3651 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Virtual Trusted Platform Module (Virtual TPM or VTPM) is a dynamically linked library, TPMEngUM.dll, that provides TPM 2.0 cryptographic services to virtual machines that are running in guest partitions on the host Windows operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3689", "Certificate Number": "3689", "Vendor Name": "QinetiQ Limited", "Module Name": "QinetiQ BRACER™ Handset", "Module Type": "Hardware", "Validation Date": "07/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3689.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3689", "detail_available": true, "module_name": "QinetiQ BRACER™ Handset", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The BRACER Push-To-Talk (PTT) satellite radio communications device and service provides end-to-end encrypted, beyond line of sight (BLOS) voice in one-to-many push-to-talk (PTT) radio mode, Position Location Information and SOS emergency alerting." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3688", "Certificate Number": "3688", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type C1", "Module Type": "Hardware", "Validation Date": "07/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3688.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3688", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type C1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3687", "Certificate Number": "3687", "Vendor Name": "CGI Federal Inc.", "Module Name": "CGI Momentum™ Java Cryptographic Module", "Module Type": "Software", "Validation Date": "07/20/202009/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3687.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3687", "detail_available": true, "module_name": "CGI Momentum™ Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CGI Momentum™ Java Cryptographic Module implements a wide array of cryptographic algorithms including Suite B algorithms. CGI Momentum™ product suite uses this module as Java JCA/JCE provider thus providing data at rest encryption, transport level encryption, PKI key management, digital signature generation and other crypto operations through a trusted and verified implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3686", "Certificate Number": "3686", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's VPN Crypto Module", "Module Type": "Software", "Validation Date": "07/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3686.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3686", "detail_available": true, "module_name": "VMware's VPN Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module VMware OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #2839 operating in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security-relevant modification to Cert. #3542", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware's VPN Crypto Module is a software cryptographic module whose purpose is to provide FIPS 140-2 validated cryptographic functions to various VMware applications utilizing VPN capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3685", "Certificate Number": "3685", "Vendor Name": "Teledyne Webb Research", "Module Name": "MiniCrypt", "Module Type": "Firmware", "Validation Date": "07/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3685.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3685", "detail_available": true, "module_name": "MiniCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 11 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "MiniCrypt is a general purpose firmware cryptographic module, to provide symmetric encryption, hashing, and message authentication code creation for resource constrained embedded systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3684", "Certificate Number": "3684", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "Module Type": "Hardware", "Validation Date": "07/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3684.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3684", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C (TPM) is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key and random number generation. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.16, October 2014 (ISO/IEC 11889:2015, Parts 1-4). See www.trustedcomputinggroup.org for further information on TCG and TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3683", "Certificate Number": "3683", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Azure Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "07/15/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3683.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3683", "detail_available": true, "module_name": "Ubuntu 18.04 Azure Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Azure Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3682", "Certificate Number": "3682", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "Module Type": "Hardware", "Validation Date": "07/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3682.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3682", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C (TPM) is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key and random number generation. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.38, September 2016. See www.trustedcomputinggroup.org for further information on TCG and TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3681", "Certificate Number": "3681", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "Module Type": "Hardware", "Validation Date": "07/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3681.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3681", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3680", "Certificate Number": "3680", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "Module Type": "Hardware", "Validation Date": "07/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3680.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3680", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3679", "Certificate Number": "3679", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Ruckus Networks SmartZone 104 (SZ-104), SmartZone 124 (SZ-124) and SmartZone 300 (SZ-300) WLAN Controllers", "Module Type": "Hardware", "Validation Date": "07/13/202012/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3679.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3679", "detail_available": true, "module_name": "Ruckus Networks SmartZone 104 (SZ-104), SmartZone 124 (SZ-124) and SmartZone 300 (SZ-300) WLAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SmartZone network controllers simplify network set-up and management, enhance security, minimize troubleshooting and ease upgrades for networks built on Ruckus access points and switches. It doesn't stop there. Whether you're building complex multi-geo networks or delivering multi-tier managed networking services, SmartZone network controllers deliver the scale, flexibility and openness to support the most sophisticated deployment scenarios.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3678", "Certificate Number": "3678", "Vendor Name": "Google, LLC", "Module Name": "BoringCrypto", "Module Type": "Software", "Validation Date": "07/13/202007/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3678", "detail_available": true, "module_name": "BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3677", "Certificate Number": "3677", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks vSRX 3.0 Virtual Firewall", "Module Type": "Software", "Validation Date": "07/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3677.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3677", "detail_available": true, "module_name": "Juniper Networks vSRX 3.0 Virtual Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The vSRX Virtual Firewall delivers a complete virtual firewall solution, including advanced security, robust networking, and automated virtual machine life cycle management capabilities for service providers and enterprises. vSRX empowers security professionals to deploy and scale firewall protection in highly dynamic environments.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3676", "Certificate Number": "3676", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX+", "Module Type": "Hardware", "Validation Date": "07/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3676.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3676", "detail_available": true, "module_name": "X-Wall MX+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #3014", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The X-Wall MX+ chip is real-time SATA-to-SATA single chip crypto module. Both FIPS certified authentication method and in-line 6Gbps AES ECB/CBC/XTS 256-bit encryption capability are provided. The modules can be populated directly onto either the mainboard or SATA drive interface. The cryptographic operation is OS independent and doesn’t require host CPU and memory interventions. The Module supports a standard SATA interface and is compliant with the Trusted Computing Group (TCG) SSC specification Opal 2.0.", "algorithms": [ "AES", "DRBG", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3675", "Certificate Number": "3675", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX+", "Module Type": "Hardware", "Validation Date": "07/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3675.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3675", "detail_available": true, "module_name": "X-Wall MX+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #3013", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The X-Wall MX+ chip is real-time SATA-to-SATA single chip crypto module. Both FIPS certified authentication method and in-line 6Gbps AES ECB/CBC/XTS 256-bit encryption capability are provided. The modules can be populated directly onto either the mainboard or SATA drive interface. The cryptographic operation is OS independent and doesn’t require host CPU and memory interventions. The Module supports a standard SATA interface and is compliant with the Trusted Computing Group (TCG) SSC specification Opal 2.0.", "algorithms": [ "AES", "DRBG", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3674", "Certificate Number": "3674", "Vendor Name": "FUJIFILM Business Innovation Corp.", "Module Name": "FUJIFILM BI Cryptographic Kernel Module for A57", "Module Type": "Software", "Validation Date": "06/23/202004/16/202104/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3674.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3674", "detail_available": true, "module_name": "FUJIFILM BI Cryptographic Kernel Module for A57", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FUJIFILM BI Cryptographic Kernel Module for A57 is a kernel module which operates as callback functions of WindRiver® Linux CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3673", "Certificate Number": "3673", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "06/22/202005/14/202103/07/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3673.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3673", "detail_available": true, "module_name": "VMware's BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware’s BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3672", "Certificate Number": "3672", "Vendor Name": "Treasure Cloud Pte.Ltd", "Module Name": "Treasure Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "06/18/202006/26/202005/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3672.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3672", "detail_available": true, "module_name": "Treasure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Sections 5.2 and 11 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Treasure Cryptographic Module is the cryptographic component of Treasure's Treasure Vault product, which provides HSM-grade security for managing cryptographic keys and protecting sensitive data. This solution leverages on Intel ® SGX technology and allows enterprises to protect data at all states: at rest, in motion and in use" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3671", "Certificate Number": "3671", "Vendor Name": "Infinera", "Module Name": "Infinera Cloud Xpress CX-1200F", "Module Type": "Hardware", "Validation Date": "06/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3671.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3671", "detail_available": true, "module_name": "Infinera Cloud Xpress CX-1200F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 12 of the Security Policy and the tamper evident seals and accessories installed as indicated in the Security Policy Section 11.1", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Infinera Cloud Xpress CX-1200F incorporates Infinera’s Infinite Capacity Engine to deliver a 1.2 Tb/s wavelength-division multiplexing (WDM) super-channel in only 1 rack unit (1RU). Flexible 10/40/100 GbE support enables a smooth transition from 10 GbE and 40 GbE clients to 100 GbE. Multiple Cloud Xpress CX-1200F units can be racked, stacked and managed as a single unit in order to scale capacity up to 27.6 Tb/s per fiber pair. Data center operators can start by using a fraction of the platform’s capacity and scale up as needed without requiring any new installation or configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3670", "Certificate Number": "3670", "Vendor Name": "Thales", "Module Name": "IDPrime 930 / 3930", "Module Type": "Hardware", "Validation Date": "06/16/202007/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3670.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3670", "detail_available": true, "module_name": "IDPrime 930 / 3930", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDPrime 930 & 3930 are Minidriver enabled PKI smartcards, contact (930) and dual interface (3930), offering all the necessary services (with either RSA up to 4096 key length or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure. It's includes a re-initialization feature for customers who are not using a CMS.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3669", "Certificate Number": "3669", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5001E1 Blade with FortiGate-5144C Chassis", "Module Type": "Hardware", "Validation Date": "06/12/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3669.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3669", "detail_available": true, "module_name": "FortiGate-5001E1 Blade with FortiGate-5144C Chassis", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-5001E1 is an ATCA, blade based, multiple chip, standalone cryptographic module consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3668", "Certificate Number": "3668", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX204 3D Universal Edge Router and EX9251 Ethernet Switch", "Module Type": "Hardware", "Validation Date": "06/11/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3668.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3668", "detail_available": true, "module_name": "Juniper Networks MX204 3D Universal Edge Router and EX9251 Ethernet Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2, 1.3 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper MX and EX9200 Series are comprehensive, Scalable and secure switching and routing solutions specifically designed to meet the needs of campus, enterprises and service providers. They deliver high performance, reliability and scale to enable a cost-effective solution.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3667", "Certificate Number": "3667", "Vendor Name": "Trend Micro Inc.", "Module Name": "Deep Discovery Analyzer OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "06/04/202009/06/202209/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3667.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3667", "detail_available": true, "module_name": "Deep Discovery Analyzer OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This validation entry is a non-security-relevant modification to Cert. #2398. When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Deep Discovery Analyzer OpenSSL Cryptographic Module is a software library providing a C-language application program interface (API) for use by other processes that require cryptographic functionality.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3666", "Certificate Number": "3666", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/03/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3666.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3666", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3665", "Certificate Number": "3665", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3665.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3665", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3664", "Certificate Number": "3664", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 AWS Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "06/01/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3664.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3664", "detail_available": true, "module_name": "Ubuntu 18.04 AWS Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 AWS Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3663", "Certificate Number": "3663", "Vendor Name": "Cloudian, Inc.", "Module Name": "Cloudian cryptographic module", "Module Type": "Software", "Validation Date": "05/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3663.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3663", "detail_available": true, "module_name": "Cloudian cryptographic module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security-relevant modification to Cert. #2398.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cloudian cryptographic module is an element of Cloudian HyperStore. Cloudian HyperStore is a software-defined object storage platform that provides a secure multi-tenant data store for unstructured data. HyperStore object storage can be deployed and scaled out as a global cluster of nodes to deliver capacity storage which scales seamlessly. It's the industry's most compatible S3 API based object storage solution.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3662", "Certificate Number": "3662", "Vendor Name": "SK hynix NAND Product Solutions Corp, DBA Solidigm", "Module Name": "Solidigm DC SSD D7-D4512", "Module Type": "Hardware", "Validation Date": "05/29/202006/22/202007/24/202110/28/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3662.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3662", "detail_available": true, "module_name": "Solidigm DC SSD D7-D4512", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Solidigm SSD D7-D4512 Series is a PCIe* Gen3 SSD architected with a dual-port, NVMe* (Non-Volatile Memory Express*) controller delivering leading performance, low latency, and high availability. Matching the performance with world-class reliability and endurance, Solidigm SSD D7-D4512 Series offers a range of capacities - 1.92 TB, 3.84 TB, 7.68 TB, and 15.36 TB. With PCIe Gen 3 support and NVMe specification 1.2b implementation, the Solidigm SSD D7-D4512 Series is designed to support active/active dual port and recovery during fail over when one of the hosts becomes unavailable.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3661", "Certificate Number": "3661", "Vendor Name": "Rambus Global Inc., Finnish branch", "Module Name": "SafeZone FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "05/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3661.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3661", "detail_available": true, "module_name": "SafeZone FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Inside Secure FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3660", "Certificate Number": "3660", "Vendor Name": "Barco n.v.", "Module Name": "Barco ICMP", "Module Type": "Hardware", "Validation Date": "05/27/202006/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3660.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3660", "detail_available": true, "module_name": "Barco ICMP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "DCI compliant Barco integrated Image Media Block." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3659", "Certificate Number": "3659", "Vendor Name": "Apricorn", "Module Name": "Apricorn FIPS 140-2 Encryption System Gen 2", "Module Type": "Hardware", "Validation Date": "05/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3659.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3659", "detail_available": true, "module_name": "Apricorn FIPS 140-2 Encryption System Gen 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 11.1 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The AFESG2 is a FIPS 140-2 Level 2 validated complete encryption system. Its software-free design allows interface to any host that supports USB and mass storage. All CSPs (PINs, encryption keys, etc.) are protected and never leave the module boundary for improved security. The device supports 1 Admin, 4 Users and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read-only modes, and is compatible with Apricorn’s Aegis Configurator. The AFESG2 is used in the Aegis Fortress, Padlock DT FIPS and Padlock SSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3658", "Certificate Number": "3658", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL TZ 300/TZ 300W, TZ 300P, TZ 350/TZ 350W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, TZ 600P, SOHO W, SOHO 250/SOHO 250W, SM 9200, SM 9400, SM 9600 and NSa 2650, NSa 3600, NSa 3650, NSa 4600, NSa 4650, NSa 5600, NSa 5650, NSa 6600, NSa 6650, NSa 9250, NSa 9450, NSa 9650", "Module Type": "Hardware", "Validation Date": "05/26/202005/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3658.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3658", "detail_available": true, "module_name": "SonicWALL TZ 300/TZ 300W, TZ 300P, TZ 350/TZ 350W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, TZ 600P, SOHO W, SOHO 250/SOHO 250W, SM 9200, SM 9400, SM 9600 and NSa 2650, NSa 3600, NSa 3650, NSa 4600, NSa 4650, NSa 5600, NSa 5650, NSa 6600, NSa 6650, NSa 9250, NSa 9450, NSa 9650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SonicWall family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3657", "Certificate Number": "3657", "Vendor Name": "Metaswitch Networks Ltd", "Module Name": "OpenSSL Cryptographic Module for Perimeta SBC", "Module Type": "Software", "Validation Date": "05/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3657.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3657", "detail_available": true, "module_name": "OpenSSL Cryptographic Module for Perimeta SBC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Perimeta is the first cloud native virtualized session border controller (vSBC) proven to deliver the Session Initiation Protocol (SIP) interworking and security performance demanded of large-scale rich communications services. The OpenSSL cryptographic module provides cryptographic services to the users of the Perimeta SBC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3656", "Certificate Number": "3656", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9800 Wireless Controllers running IOS-XE 16.10", "Module Type": "Hardware", "Validation Date": "05/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3656.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3656", "detail_available": true, "module_name": "Cisco Catalyst 9800 Wireless Controllers running IOS-XE 16.10", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 11 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3655", "Certificate Number": "3655", "Vendor Name": "Identity Automation", "Module Name": "RapidIdentity FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "05/20/202007/13/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3655.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3655", "detail_available": true, "module_name": "RapidIdentity FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2792.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The RapidIdentity FIPS Cryptographic Module for Windows is a cryptographic engine for Windows Server. The module delivers core cryptographic functions to Identity Automation’s RapidIdentity MFA server, providing a multitude of authentication methods. The RapidIdentity FIPS Cryptographic Module leverages industry leading, FIPS approved cryptographic algorithms provided by the Bouncy Castle FIPS .NET and Java APIs.", "algorithms": [ "AES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3654", "Certificate Number": "3654", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-6301F/6501F", "Module Type": "Hardware", "Validation Date": "05/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3654.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3654", "detail_available": true, "module_name": "FortiGate-6301F/6501F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-6301F and FortiGate-6501F are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3653", "Certificate Number": "3653", "Vendor Name": "Gigamon Inc.", "Module Name": "GigaVUE-HC2 Visibility Appliance", "Module Type": "Hardware", "Validation Date": "05/18/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3653.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3653", "detail_available": true, "module_name": "GigaVUE-HC2 Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The GigaVUE-HC2 visibility node comes in a modular, mid-sized form factor to address complex network visibility requirements for both enterprise and service provider networks. With a broad spectrum of traffic management capabilities and a versatile, high-performance, multi-purpose design, GigaVUE-HC2 helps to future-proof IT." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3652", "Certificate Number": "3652", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "05/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3652.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3652", "detail_available": true, "module_name": "Amazon Linux 2 Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Amazon Linux 2 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3646 operating in FIPS mode and Amazon Linux 2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3553 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon Linux 2 Libreswan Cryptographic Module implements IKE protocol version 1 and version 2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651", "Certificate Number": "3651", "Vendor Name": "Microsoft Corporation", "Module Name": "Secure Kernel Code Integrity", "Module Type": "Software", "Validation Date": "05/07/202010/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651", "detail_available": true, "module_name": "Secure Kernel Code Integrity", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Windows OS Loader validated to FIPS 140-2 under Cert. #3615 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3650", "Certificate Number": "3650", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2XSPI [A], ST33TPHF2XI2C [B], ST33GTPMASPI [C], ST33GTPMAI2C [D], ST33GTPMISPI [E] & ST33GTPMII2C [F]", "Module Type": "Hardware", "Validation Date": "05/06/202008/20/202012/11/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3650.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3650", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2XSPI [A], ST33TPHF2XI2C [B], ST33GTPMASPI [C], ST33GTPMAI2C [D], ST33GTPMISPI [E] & ST33GTPMII2C [F]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Trusted Platform Module ST33TPHF2XSPI, ST33TPHF2XI2C, ST33GTPMASPI & ST33GTPMAI2C (TPM) is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key and random number generation. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.38, September 2016. See www.trustedcomputinggroup.org for further information on TCG and TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3649", "Certificate Number": "3649", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/05/202006/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3649.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3649", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3648", "Certificate Number": "3648", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Strongswan Cryptographic Module", "Module Type": "Software", "Validation Date": "04/29/202011/30/202009/21/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3648.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3648", "detail_available": true, "module_name": "Ubuntu 18.04 Strongswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy with module Ubuntu OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3622 operating in FIPS mode and with module Ubuntu Kernel Crypto API Cryptographic Module validated to FIPS140-2 under Cert. #3647 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ubuntu 18.04 Strongswan Cryptographic Module provides cryptographic services for the Internet Key Exchange (IKE) protocol in the Ubuntu Operating System user space." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3647", "Certificate Number": "3647", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "04/24/202006/17/202009/21/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3647.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3647", "detail_available": true, "module_name": "Ubuntu 18.04 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3646", "Certificate Number": "3646", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3646.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3646", "detail_available": true, "module_name": "Amazon Linux 2 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.2 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon Linux 2 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications. These applications may support the TLS protocol, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards supporting FIPS 140-2 validated cryptographic algorithms.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3645", "Certificate Number": "3645", "Vendor Name": "SideChannel Inc.", "Module Name": "SideChannel Polymorphic Encryption Module - Mobile", "Module Type": "Software", "Validation Date": "04/20/202003/09/202205/15/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3645.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3645", "detail_available": true, "module_name": "SideChannel Polymorphic Encryption Module - Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #1938", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The SideChannel Polymorphic Encryption Module - Mobile (PEM-M) provides FIPS 140-2 validated encryption for mobile devices and is deployed with SideChannel’s next-gen Polymorphic Key Progression Algorithm (PKPA) solution to enhance standard encryption through the process of polymorphism. The PEM-M features robust algorithm support, suitable for the latest cryptography suites (Suite B, CNSA and beyond).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644", "Certificate Number": "3644", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity", "Module Type": "Software", "Validation Date": "04/20/202010/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644", "detail_available": true, "module_name": "Code Integrity", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Windows OS Loader validated to FIPS 140-2 under Cert. #3615 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3643", "Certificate Number": "3643", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3643.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3643", "detail_available": true, "module_name": "Amazon Linux 2 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.1 of the Security Policy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon Linux 2 GnuTLS Cryptographic Module implements general purpose cryptographic algorithms and network protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3642", "Certificate Number": "3642", "Vendor Name": "Leonovus Inc.", "Module Name": "Leonovus Cryptographic Module", "Module Type": "Software", "Validation Date": "04/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3642.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3642", "detail_available": true, "module_name": "Leonovus Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Whether data is in-flight or at rest, whether it is whole and in one place or fragmented and distributed across the infrastructure, the Leonovus Cryptographic Module ensures the critical data elements are secured with state-of-the-art encryption and decryption algorithms. Because of the Leonovus Cryptographic Module, the IT organization retains control over the keys independent of the storage infrastructure and services. In this manner, IT regains its control over the data while greatly improving the flexibility on where it flows and resides.", "algorithms": [ "AES", "DSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3641", "Certificate Number": "3641", "Vendor Name": "General Dynamics Mission Systems", "Module Name": "GD Crypto Core Shared Library", "Module Type": "Software", "Validation Date": "04/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3641.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3641", "detail_available": true, "module_name": "GD Crypto Core Shared Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The GD Crypto Core is a C language shared library which is dynamically linked to the calling application and is loaded into memory for execution by the operating system loader. The GD Crypto Core provides a C language Application Program Interface (API) for use by applications that require authenticated encryption and integrity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3640", "Certificate Number": "3640", "Vendor Name": "GDC Technology (USA) LLC", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "04/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3640.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3640", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digitial cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3639", "Certificate Number": "3639", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 5.6", "Module Type": "Firmware", "Validation Date": "04/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3639.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3639", "detail_available": true, "module_name": "FortiOS 5.6", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3638", "Certificate Number": "3638", "Vendor Name": "Super Micro Computer, Inc.", "Module Name": "Supermicro FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "03/31/202007/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3638.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3638", "detail_available": true, "module_name": "Supermicro FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3503.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Supermicro FIPS Object Module for OpenSSL is a general-purpose cryptographic module integrated in Supermicro products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3637", "Certificate Number": "3637", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ACT2Lite Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3637.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3637", "detail_available": true, "module_name": "ACT2Lite Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ACT2-Lite (Anti-Counterfeit Technology 2 Lite) is the ACT family (ACT 1T, Quack 1 and 2) next generation. It is an ancillary security device containing product identity information and assertion functionality to support product identity for various usages including anti-counterfeit functionality as well as other security functionality to be used across many different hardware platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3636", "Certificate Number": "3636", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Cloud Infrastructure Cryptographic Library for Kubernetes", "Module Type": "Software", "Validation Date": "03/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3636.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3636", "detail_available": true, "module_name": "Oracle Cloud Infrastructure Cryptographic Library for Kubernetes", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 11.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A Software cryptographic library that contains FIPS Approved cryptography to serve Kubernetes and the Google Go programing language and application ecosystem.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3635", "Certificate Number": "3635", "Vendor Name": "Crown Sterling Limited, LLC", "Module Name": "Crown Sterling Cryptographic Module", "Module Type": "Software", "Validation Date": "03/23/202005/07/202005/08/202003/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3635.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3635", "detail_available": true, "module_name": "Crown Sterling Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Crown Sterling Cryptographic Module is a standards-based “Drop-in Compliance” cryptographic engine for servers, desktops, and digital device appliances. The module delivers core cryptographic functions to platforms and features robust algorithm support, including some Suite B algorithms. Crown Sterling Cryptographic Module offloads functions for secure key management, data integrity, data at rest encryption, data in motion encryption, and secure communication to a trusted implementations.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3634", "Certificate Number": "3634", "Vendor Name": "GE MDS LLC", "Module Name": "Orbit MCR and Orbit ECR", "Module Type": "Hardware", "Validation Date": "03/20/202007/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3634.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3634", "detail_available": true, "module_name": "Orbit MCR and Orbit ECR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The GE MDS Orbit Multiservice Connect Router (MCR) and Edge Connect Router (ECR) modules are secure wireless communications devices, which operate on cellular bands (2G/3G/4G LTE), licensed and unlicensed bands, and 802.11 Wi-Fi. The modules are available in two form factors (MCR and ECR), with different port/interface configurations available for each.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3633", "Certificate Number": "3633", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "03/12/202009/14/202009/21/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3633.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3633", "detail_available": true, "module_name": "Ubuntu 18.04 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy with module Ubuntu 18.04 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3622 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3632", "Certificate Number": "3632", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "03/12/202009/14/202009/21/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3632.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3632", "detail_available": true, "module_name": "Ubuntu 18.04 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy with module Ubuntu 18.04 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3622 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ubuntu 18.04 OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3631", "Certificate Number": "3631", "Vendor Name": "Canon Inc.", "Module Name": "Canon MFP Security Chip", "Module Type": "Hardware", "Validation Date": "03/12/202003/15/202112/14/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3631.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3631", "detail_available": true, "module_name": "Canon MFP Security Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys per Note *1 to Table 7 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Canon MFP Security Chip handles cryptography for the storage device of the Canon MFP/printer. The Canon MFP Security Chip realizes high-speed data encryption/decryption through a serial ATA interface, using AES XTS mode. This allows the Canon MFP/printer's storage device to be protected against the risk of information leakage, without compromising objectives such as extensibility, flexibility, usability, and high performance.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3630", "Certificate Number": "3630", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "03/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3630.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3630", "detail_available": true, "module_name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module. The primitive provider functionality is offered through one cryptographic module, BCRYPT.DLL (version 8.00.6273), subject to FIPS 140-2 validation. BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Embedded Compact 2013 components and applications running on Windows Embedded Compact 2013." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3629", "Certificate Number": "3629", "Vendor Name": "F5 Networks", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/04/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3629.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3629", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3628", "Certificate Number": "3628", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiProxy-400E/2000E/4000E", "Module Type": "Hardware", "Validation Date": "03/04/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3628.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3628", "detail_available": true, "module_name": "FortiProxy-400E/2000E/4000E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "FortiProxy is a secure web/application proxy that protects users against internet-borne attacks by incorporating multiple detection techniques such as web filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention and advanced threat protection. It helps enterprises enforce internet compliance using granular application control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3627", "Certificate Number": "3627", "Vendor Name": "Digital Guardian, LLC", "Module Name": "Verdasys Secure Cryptographic Module", "Module Type": "Software", "Validation Date": "03/03/202003/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3627.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3627", "detail_available": true, "module_name": "Verdasys Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Verdasys Secure Cryptographic Module, VSEC.SYS, is a software module that provides cryptographic services for Digital Guardian's DG Agent for Windows endpoint products. The Verdasys Secure Cryptographic Module is leveraged in a variety of functions including securing communication, protecting agent components, and file encryption.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3626", "Certificate Number": "3626", "Vendor Name": "Veritas Technologies LLC", "Module Name": "Veritas Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "03/02/202003/06/202006/12/202006/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3626.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3626", "detail_available": true, "module_name": "Veritas Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Veritas Cryptographic Module delivers core cryptographic functions for use in various products from Veritas. It provides secure key management for Information Studio users and services, secure communications for clients that are making API calls to Information Studio, secure internal communication between the Information Studio components, secure at-rest encryption for confidential user data and secure communications for Information Studio services transmitting data to and from external services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3625", "Certificate Number": "3625", "Vendor Name": "Darktrace Limited", "Module Name": "Darktrace Cryptographic Module", "Module Type": "Software", "Validation Date": "03/02/202003/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3625.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3625", "detail_available": true, "module_name": "Darktrace Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Darktrace Cryptographic Module provides cryptographic functionality within the Darktrace Cyber AI Platform, a self-learning cyber AI technology that detects and responds to novel attacks and insider threats at an early stage across various parts of an enterprise including within IT, email, industrial and cloud environments.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3624", "Certificate Number": "3624", "Vendor Name": "Socionext Inc.", "Module Name": "Socionext Secure Module", "Module Type": "Hardware", "Validation Date": "02/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3624.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3624", "detail_available": true, "module_name": "Socionext Secure Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Socionext Secure Module is a hardware module implemented as a sub-chip cryptographic subsystem running on a single-chip standalone processor. The module provides services such as Encryption/Decryption, MAC Generation, Generation of Hash Values, Signature Generation/Verification, Key Derivation, Key Wrapping, Key Management and so on." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3623", "Certificate Number": "3623", "Vendor Name": "F5 Networks", "Module Name": "F5® vCMP Cryptographic Module", "Module Type": "Firmware", "Validation Date": "02/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3623.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3623", "detail_available": true, "module_name": "F5® vCMP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and affixed as indicated in the Security Policy section 4.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® vCMP Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardwares." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3622", "Certificate Number": "3622", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu 18.04 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "02/25/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3622.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3622", "detail_available": true, "module_name": "Ubuntu 18.04 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3621", "Certificate Number": "3621", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX80, MX104, MX240, MX480, MX960 3D Universal Edge Routers with RE-S-X6-64G/RE-S-X6-128G Routing Engine and MIC-MACSEC-20GE MACSec Card", "Module Type": "Hardware", "Validation Date": "02/24/202003/23/202003/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3621.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3621", "detail_available": true, "module_name": "Juniper Networks MX80, MX104, MX240, MX480, MX960 3D Universal Edge Routers with RE-S-X6-64G/RE-S-X6-128G Routing Engine and MIC-MACSEC-20GE MACSec Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing and switching platforms that provide industry leading system capacity, density, security and performance. MX80 and MX104 are fixed configuration platforms that support modular interfaces. MIC-MACSEC-20GE provides GCM-AES-256 MACSEC encryption.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3620", "Certificate Number": "3620", "Vendor Name": "Hypori Inc.", "Module Name": "Hypori Cryptographic Module for BoringSSL", "Module Type": "Software", "Validation Date": "02/21/202002/17/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3620.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3620", "detail_available": true, "module_name": "Hypori Cryptographic Module for BoringSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3318", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3619", "Certificate Number": "3619", "Vendor Name": "Cyphre Security Solutions, LLC", "Module Name": "Cyphre Crypto Core", "Module Type": "Software-Hybrid", "Validation Date": "02/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3619.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3619", "detail_available": true, "module_name": "Cyphre Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "This OpenSSL library implementation provides services for the Cyphre Crypto Core appliance that enables the BlackTIE hardware cryptographic engine for all secure communication solutions, including but not limited to SSL/TLS, Data Protection, Encryption Gateways, PKI and Certificate/Key lifecycle management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3618", "Certificate Number": "3618", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 Libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "02/19/202003/25/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3618.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3618", "detail_available": true, "module_name": "Amazon Linux 2 Libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Amazon Linux 2 Libgcrypt Cryptographic Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3617", "Certificate Number": "3617", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "AWS Key Management Service HSM", "Module Type": "Hardware", "Validation Date": "02/19/202006/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3617.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3617", "detail_available": true, "module_name": "AWS Key Management Service HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon AWS Key Management Service HSM is a multi-chip standalone hardware cryptographic appliance designed to provide dedicated cryptographic functions to meet the security and scalability requirements of the AWS Key Management Service (KMS). The cryptographic boundary is defined as the secure chassis of the appliance. All key materials are maintained exclusively in volatile memory in the appliance and are erased immediately upon detection of physical tampering.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3616", "Certificate Number": "3616", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "02/19/202005/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3616.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3616", "detail_available": true, "module_name": "Oracle Linux 7 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux is a set of cryptographic libraries, services, and user level cryptographic applications that are validated at FIPS 140-2 level 1, providing a secure foundation for vendor use in developing dependent services, applications, and even purpose built appliances that may be FIPS 140-2 validated." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615", "Certificate Number": "3615", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows OS Loader", "Module Type": "Software", "Validation Date": "02/06/202003/23/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615", "detail_available": true, "module_name": "Windows OS Loader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager validated to FIPS 140-2 under Cert. #3089 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3614", "Certificate Number": "3614", "Vendor Name": "KRYPTUS S.A.", "Module Name": "ASI-HSM AHX5 KNET Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/04/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3614.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3614", "detail_available": true, "module_name": "ASI-HSM AHX5 KNET Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The module exists to provide cryptographic services to applications running on behalf of its users which communicate with it via a standard Ethernet interface using IP protocols. In order to provide these services, the module also requires a power supply. The module is usually sold embedded within a stand-alone network appliance. That appliance is typically used in large-scale cloud infrastructures, where ease of remote configuration and operation is required." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3613", "Certificate Number": "3613", "Vendor Name": "Trend Micro, Inc.", "Module Name": "Trend Micro NSS Crypto Module", "Module Type": "Software", "Validation Date": "01/31/202012/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3613.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3613", "detail_available": true, "module_name": "Trend Micro NSS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2997", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro NSS Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Trend Micro components.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3612", "Certificate Number": "3612", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "Module Type": "Hardware", "Validation Date": "01/29/202006/09/202003/30/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3612.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3612", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3611", "Certificate Number": "3611", "Vendor Name": "RSA", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "01/28/202002/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3611.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3611", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3610", "Certificate Number": "3610", "Vendor Name": "Thales Group", "Module Name": "Thales Advanced Security Platform (TASP)", "Module Type": "Hardware", "Validation Date": "01/24/202001/29/202001/28/202102/24/202110/01/202110/06/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3610.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3610", "detail_available": true, "module_name": "Thales Advanced Security Platform (TASP)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Thales Advanced Security Platform is a Thales Group (Thales) multi-chip embedded FIPS 140-2 Validated cryptographic module inside the payShield 10000 family of hardware security modules used in the Banking and Finance sector to secure card-based payment transactions. TASP provides functionality for secure loading and/or upgrading of applications used in a range of Thales products. The module ensures tamper resistance and that only applications that have been cryptographically signed by Thales can be loaded into the module.", "algorithms": [ "ECDSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3609", "Certificate Number": "3609", "Vendor Name": "Raytheon Company", "Module Name": "Raytheon Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "01/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3609.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3609", "detail_available": true, "module_name": "Raytheon Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Raytheon Cryptographic Module for Java is a standards-based cryptographic engine for native Java environments. The module delivers core cryptographic functions to server platforms and features robust algorithm support, including Suite B algorithms. Raytheon Cryptographic Module for Java offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3608", "Certificate Number": "3608", "Vendor Name": "Wickr Inc.", "Module Name": "Wickr FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "01/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3608.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3608", "detail_available": true, "module_name": "Wickr FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Wickr FIPS Object Module for OpenSSL is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.16.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3607", "Certificate Number": "3607", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX240, MX480, MX960 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE-S-X6-64G/RE-S-X6-128G/EX9200-RE2 Routing Engine and MPC7E-10G/EX9200-40XS MACSec Card", "Module Type": "Hardware", "Validation Date": "01/23/202003/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3607.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3607", "detail_available": true, "module_name": "Juniper Networks MX240, MX480, MX960 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE-S-X6-64G/RE-S-X6-128G/EX9200-RE2 Routing Engine and MPC7E-10G/EX9200-40XS MACSec Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX and EX9200 Series is a robust portfolio of SDN enabled routing and switching platforms that provide industry leading system capacity,density,security and performance. MPC7E-10G/EX9200-40XS supports 40 ports of 10gbps with GCM-AES-256 MACSEC encryption.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3606", "Certificate Number": "3606", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "01/22/202002/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3606.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3606", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3605", "Certificate Number": "3605", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG OPAL SSC Self-Encrypting Solid State Drive CD5 Series", "Module Type": "Hardware", "Validation Date": "01/22/202002/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3605.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3605", "detail_available": true, "module_name": "KIOXIA TCG OPAL SSC Self-Encrypting Solid State Drive CD5 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG OPAL SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3604", "Certificate Number": "3604", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "01/21/202005/06/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3604.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3604", "detail_available": true, "module_name": "Oracle Linux 7 libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed and configured per security policy section 10 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 libgcrypt Cryptographic Module is a software library implementing general purpose cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3603", "Certificate Number": "3603", "Vendor Name": "Apricorn", "Module Name": "Aegis Fortress L3 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/17/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3603.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3603", "detail_available": true, "module_name": "Aegis Fortress L3 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aegis Fortress L3 is a FIPS 140-2 Level 3 validated hardware encrypted USB 3.1 external storage drive. Its software free design allows interface to any host that supports USB and mass storage. Authentication is performed via the embedded keypad and all CSPs (PINs, encryption keys, etc) never leave the device boundary for improved security. The device supports 1 administrator and 1 user and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3602", "Certificate Number": "3602", "Vendor Name": "Hypersecu Information Systems Inc", "Module Name": "HYP2003 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/17/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3602.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3602", "detail_available": true, "module_name": "HYP2003 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section 2.12. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HYP2003 Cryptographic Module is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3601", "Certificate Number": "3601", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "µMACE", "Module Type": "Hardware", "Validation Date": "01/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3601.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3601", "detail_available": true, "module_name": "µMACE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2 and 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The µMACE cryptographic processor is used in security modules embedded in Motorola Solutions security products.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3600", "Certificate Number": "3600", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "Module Type": "Hardware", "Validation Date": "01/13/202003/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3600.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3600", "detail_available": true, "module_name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3599", "Certificate Number": "3599", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9300 Series Switches", "Module Type": "Hardware", "Validation Date": "01/10/202006/08/202008/25/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3599.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3599", "detail_available": true, "module_name": "Cisco Catalyst 9300 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9300 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3598", "Certificate Number": "3598", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "KMF/Wave/Traffic CryptR", "Module Type": "Hardware", "Validation Date": "01/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3598.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3598", "detail_available": true, "module_name": "KMF/Wave/Traffic CryptR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to overall Level 2 per Sections 2.1 and 9.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The KMF/Wave/Traffic CryptR provides cryptographic services for secure key management, Over-the-Air-Rekeying (OTAR), secure data traffics, and secure voice traffics for the Motorola’s Key Management Facility (KMF) and the Motorola's Wave Systems. The KMF and KMF CryptR combine to provide cryptographic services for Motorola’s APCO-25 compliant Astro™ radio systems.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3597", "Certificate Number": "3597", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL SMA Series v12.1 SMA 6210, SMA 7210", "Module Type": "Hardware", "Validation Date": "01/10/202004/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3597.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3597", "detail_available": true, "module_name": "SonicWALL SMA Series v12.1 SMA 6210, SMA 7210", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SonicWall Software SMA 6210 and SMA 7210 are part of the SonicWall Security Solution Enterprise product family. They provide hardware appliance based VPN Virtual Private Network mobile access solutions to a wide variety of end user devices including Microsoft Windows, Apple OSX, Linux, Apple iOS, Google Android and Google Chromebook among others." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3596", "Certificate Number": "3596", "Vendor Name": "F5 Networks", "Module Name": "Cryptographic Module for BIG-IP ®", "Module Type": "Software", "Validation Date": "01/09/202006/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3596.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3596", "detail_available": true, "module_name": "Cryptographic Module for BIG-IP ®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic library offering various cryptographic mechanisms to BIG-IP Virtual Edition." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3595", "Certificate Number": "3595", "Vendor Name": "Raytheon Company", "Module Name": "Raytheon Cryptographic Module", "Module Type": "Software", "Validation Date": "01/08/202003/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3595.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3595", "detail_available": true, "module_name": "Raytheon Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Raytheon Cryptographic Module is used in Raytheon products to provide robust algorithm support for secure network communication.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3594", "Certificate Number": "3594", "Vendor Name": "KeyNexus, Inc.", "Module Name": "Key Management Security Module (KMSM) Cryptographic Module", "Module Type": "Software", "Validation Date": "01/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3594.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3594", "detail_available": true, "module_name": "Key Management Security Module (KMSM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The KeyNexus Inc. KMSM cryptographic module is a software library which provides cryptographic functionality to the KeyNexus Key Management Service. KeyNexus Unified Key Manager (UKM) allows enterprises to leverage a single, central key management server to support many different encryption and security use cases. KeyNexus UKM can be deployed as a hosted service, on-premise in any virtual environment, in public or private clouds and embedded in a variety of chipset compute environments.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3593", "Certificate Number": "3593", "Vendor Name": "BAE Systems", "Module Name": "STOP 8 Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "01/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3593.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3593", "detail_available": true, "module_name": "STOP 8 Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. When installed, initialized, and configured as specified in the Security Policy Sections 2.1.2 and 3.1. The output of the DRBG may not be used to generate keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The STOP 8 Kernel Cryptographic Module is a statically linked library that is linked into the monolithic kernel. The module provides the cryptographic functionality required by the kernel to perform data protection functionality of the STOP 8's encrypted filesystem." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3592", "Certificate Number": "3592", "Vendor Name": "FP InovoLabs GmbH", "Module Name": "Postal NRevenector US 2018", "Module Type": "Hardware", "Validation Date": "01/06/202003/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3592.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3592", "detail_available": true, "module_name": "Postal NRevenector US 2018", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "FP InovoLabs GmbH is a wholly-owned subsidiary of Francotyp-Postalia Holding AG (FP), one of the leading global suppliers of mail center solutions. A major component of FP’s business is the production and support of postal franking machines (postage meters). These postal franking machines incorporate a postal security device (PSD) that performs all postage meter cryptographic and postal security functions and which protects both Critical Security Parameters (CSPs) and Postal Relevant Data Items (PRDIs) from unauthorized access. The Postal NRevenector US 2018 is FP’s latest generation of PSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3591", "Certificate Number": "3591", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 9500 Series Switches", "Module Type": "Hardware", "Validation Date": "01/06/202006/08/202003/30/202102/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3591.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3591", "detail_available": true, "module_name": "Cisco Catalyst 9500 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Catalyst 9500 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3590", "Certificate Number": "3590", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "01/06/202004/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3590.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3590", "detail_available": true, "module_name": "Oracle Linux 7 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3474 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3589", "Certificate Number": "3589", "Vendor Name": "AKEYLESS Security Ltd", "Module Name": "AKEYLESS FIPS Cryptographic Module for Distributed Fragments Cryptography", "Module Type": "Software", "Validation Date": "01/02/202008/17/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3589.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3589", "detail_available": true, "module_name": "AKEYLESS FIPS Cryptographic Module for Distributed Fragments Cryptography", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AKEYLESS FIPS Cryptographic Module for Distributed Fragments Cryptography (\"DFC\") is a cryptographic module integrated in AKEYLESS products to provide FIPS 140-2 validated cryptography for the protection of sensitive data, such as Secrets, Keys, Documents and more.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3588", "Certificate Number": "3588", "Vendor Name": "Dell EMC", "Module Name": "Unity/Unity XT 12 Gb/s SAS I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "01/02/202010/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3588.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3588", "detail_available": true, "module_name": "Unity/Unity XT 12 Gb/s SAS I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Dell EMC Unity/Unity XT 12 Gb/s SAS I/O Module with Encryption is a high-density SAS controller chipset executing specialized firmware that provides Data At Rest Encryption (D@RE) for Dell EMC Unity/Unity XT storage arrays. It implements 256-bit AES-XTS encryption/decryption to encrypt and decrypt data as it is being written to or read from a SAS drive.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3587", "Certificate Number": "3587", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "X4i Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "12/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3587.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3587", "detail_available": true, "module_name": "X4i Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The X4i PSD is a single chip cryptographic module using the Maxim MAX32590 hardware that provides security services to support the creation of digital postage evidence in the form of an indicium.", "algorithms": [ "AES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3586", "Certificate Number": "3586", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points", "Module Type": "Hardware", "Validation Date": "12/20/201903/11/202004/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3586.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3586", "detail_available": true, "module_name": "Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3585", "Certificate Number": "3585", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "12/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3585.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3585", "detail_available": true, "module_name": "BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3584", "Certificate Number": "3584", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE SimpliVity OmniStack Crypto Library", "Module Type": "Software", "Validation Date": "12/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3584.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3584", "detail_available": true, "module_name": "HPE SimpliVity OmniStack Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module consists of a cryptographic library based on the OpenSSL FIPS Canister (OpenSSL FIPS Object Module version 2.0.13). It is compiled into object form (fipscanister.o for Linux-based systems, fipscanister.lib on Windows-based systems) and then statically linked to an instance of the OpenSSL version 1.0.2k libcrypto library at build-time. The OpenSSL libcrypto library is then linked to the calling application (dynamically linked on Linux, statically linked on Windows), which is loaded into memory for execution by the operating system loader." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3583", "Certificate Number": "3583", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/13/201912/23/201912/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3583.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3583", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3582", "Certificate Number": "3582", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "12/12/201905/06/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3582.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3582", "detail_available": true, "module_name": "Oracle Linux 7 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3474 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3581", "Certificate Number": "3581", "Vendor Name": "Accellion USA, LLC", "Module Name": "Accellion Cryptographic Module", "Module Type": "Software", "Validation Date": "12/11/201905/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3581.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3581", "detail_available": true, "module_name": "Accellion Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Accellion Secure File Sharing and Governance Platform offers a secure data transfer channel that protects customersÆ sensitive information in transit and at rest. It provides granular policy controls and a full audit trail to comply with regulations such as HIPAA, SOC 2, NIST 800-53 and -171, ITAR and EAR. Users share files in folders, SFTP and secure email, via plugins, web, and mobile interfaces. The Accellion Cryptographic Module is a component of the Accellion Secure File Sharing and Governance Platform (kiteworks).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3580", "Certificate Number": "3580", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9100 and NS9200", "Module Type": "Hardware", "Validation Date": "12/09/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3580.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3580", "detail_available": true, "module_name": "Network Security Platform Sensor NS9100 and NS9200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3579", "Certificate Number": "3579", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643/PM1645 Series", "Module Type": "Hardware", "Validation Date": "12/09/201903/25/202012/01/202012/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3579.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3579", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643/PM1645 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS-2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3578", "Certificate Number": "3578", "Vendor Name": "Extreme Networks", "Module Name": "Extreme Networks FIPS Object Module", "Module Type": "Software", "Validation Date": "12/04/201908/26/202112/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3578.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3578", "detail_available": true, "module_name": "Extreme Networks FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Extreme Networks FIPS Object Module is a general-purpose cryptographic module integrated into Extreme Networks’ products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3577", "Certificate Number": "3577", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9300P", "Module Type": "Hardware", "Validation Date": "12/04/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3577.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3577", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3576", "Certificate Number": "3576", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "Module Type": "Hardware", "Validation Date": "12/04/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3576.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3576", "detail_available": true, "module_name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3575", "Certificate Number": "3575", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9300 S", "Module Type": "Hardware", "Validation Date": "12/04/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3575.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3575", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3574", "Certificate Number": "3574", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "Module Type": "Hardware", "Validation Date": "12/03/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3574.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3574", "detail_available": true, "module_name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3573", "Certificate Number": "3573", "Vendor Name": "Hewlett PackardR, Enterprise", "Module Name": "XP8 Encryption Backend SAS I/O Module", "Module Type": "Hardware", "Validation Date": "11/25/201906/24/202002/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3573.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3573", "detail_available": true, "module_name": "XP8 Encryption Backend SAS I/O Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The XP8 Encryption Backend SAS I/O Module provides high speed data at rest encryption for HPE storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3572", "Certificate Number": "3572", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-51E [1], FortiGate-61E [2], FortiWifi-61E [3], FortiWifi-90D [4] and FortiGateRugged-60D [5]", "Module Type": "Hardware", "Validation Date": "11/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3572.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3572", "detail_available": true, "module_name": "FortiGate-51E [1], FortiGate-61E [2], FortiWifi-61E [3], FortiWifi-90D [4] and FortiGateRugged-60D [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3571", "Certificate Number": "3571", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "11/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3571.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3571", "detail_available": true, "module_name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PCKS#12, and other required structures which is shipped with Red Hat Enterprise Linux 7.6." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3570", "Certificate Number": "3570", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco NCS 5500 Series Routers", "Module Type": "Hardware", "Validation Date": "11/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3570.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3570", "detail_available": true, "module_name": "Cisco NCS 5500 Series Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Network Convergence System 5500 Series is a family of routing platforms including fixed and modular chassis. The platform offers high port density, high performance forwarding, low jitter and the lowest power consumption per Gigabits/sec at a very cost-effective price point. The routers meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XR software.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3569", "Certificate Number": "3569", "Vendor Name": "Quantum Xchange", "Module Name": "Quantum Xchange FIPS Object Module", "Module Type": "Software", "Validation Date": "11/21/201907/19/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3569.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3569", "detail_available": true, "module_name": "Quantum Xchange FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3503.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Quantum Xchange FIPS Object Module provides FIPS 140-2 validated cryptography for the solutions delivered by Quantum Xchange.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3568", "Certificate Number": "3568", "Vendor Name": "Hill-Rom Holdings, Inc.", "Module Name": "Hillrom Cryptographic Security Module", "Module Type": "Software", "Validation Date": "11/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3568.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3568", "detail_available": true, "module_name": "Hillrom Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2473", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hillrom Cryptographic Security Module is an implementation of the OpenSSL FIPS Object Module 2.0. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3567", "Certificate Number": "3567", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "11/20/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3567.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3567", "detail_available": true, "module_name": "Amazon Linux 2 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Amazon Linux 2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3553 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Amazon Linux 2 OpenSSH Client Cryptographic Module is a software module implementing the SSH protocol and acts as a client application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3566", "Certificate Number": "3566", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard Access Control Cryptographic Module", "Module Type": "Software", "Validation Date": "11/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3566.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3566", "detail_available": true, "module_name": "Lenel OnGuard Access Control Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2606 operating in FIPS mode or Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2937 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Lenel open platform security system integrates seamlessly with video, intrusion, access and fire products and offers remote access and management functionality, and is constantly evolving to meet changing mandates and guidelines. FICAM Architecture options include onboard authentication, ideal for new installations, or an add-on authentication module, perfect for retrofits and architectures where onboard authentication is not available. The OnGuard FICAM security management solution consists of Lenel OnGuard software, Lenel access and door controllers, and HID pivCLASS® software and readers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3565", "Certificate Number": "3565", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "11/15/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3565.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3565", "detail_available": true, "module_name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3270 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 7 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3564", "Certificate Number": "3564", "Vendor Name": "Gemalto", "Module Name": "ProtectServer Internal Express 2 (PSI-E2)", "Module Type": "Hardware", "Validation Date": "11/15/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3564.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3564", "detail_available": true, "module_name": "ProtectServer Internal Express 2 (PSI-E2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet PSI-E 2 is a high-end intelligent PCI adapter card, used either standalone or in the SafeNet PSE 2 appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-E 2 also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3563", "Certificate Number": "3563", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 7 Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "11/15/201906/04/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3563.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3563", "detail_available": true, "module_name": "Red Hat Enterprise Linux 7 Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "With module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3270[1] and Red Hat Enterprise Linux 7 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3860[2] and Red Hat Enterprise Linux OpenSSL Module validated to FIPS140-2 under Cert. #3538[1] and Red Hat Enterprise Linux 7 OpenSSL Module validated to FIPS 140-2 under Cert. #3867[2] operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Red Hat Enterprise Linux Libreswan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3562", "Certificate Number": "3562", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "11/14/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3562.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3562", "detail_available": true, "module_name": "Amazon Linux 2 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Amazon Linux 2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3553 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Amazon Linux 2 OpenSSH Server Cryptographic Module is a software module implementing the SSH protocol and acts as a server daemon." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3561", "Certificate Number": "3561", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1572 EAC, 1702i, 2702e/i, 3702e/i/p Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "11/12/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3561.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3561", "detail_available": true, "module_name": "Cisco Aironet 1572 EAC, 1702i, 2702e/i, 3702e/i/p Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "KTS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3560", "Certificate Number": "3560", "Vendor Name": "Sonus Networks, Inc.", "Module Name": "SBC 5400 Session Border Controller", "Module Type": "Hardware", "Validation Date": "11/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3560.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3560", "detail_available": true, "module_name": "SBC 5400 Session Border Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SBC 5400 Session Border Controller is a high-performance air-cooled, 2U, IP encryption appliance that provides secure SIP-based communications with robust security, reduced latency, real-time encryption (VOIP signaling and media traffic), media transcoding, flexible SIP session routing, and policy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3559", "Certificate Number": "3559", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Trusted Execution Environment Software Cryptographic Library", "Module Type": "Software-Hybrid", "Validation Date": "11/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3559.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3559", "detail_available": true, "module_name": "Qualcomm® Trusted Execution Environment Software Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Qualcomm(R) Pseudo Random Number Generator validated to FIPS 140-2 under Cert. #3114 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Single Chip", "description": "Qualcomm Trusted Execution Environment Software Cryptographic Library provides various software cryptographic functionalities to the 32/64 bit Qualcomm Trusted Execution Environment Trusted Applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3558", "Certificate Number": "3558", "Vendor Name": "Aviat Networks, Inc.", "Module Name": "Aviat Networks Eclipse Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/28/201912/18/201901/22/202108/20/202112/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3558.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3558", "detail_available": true, "module_name": "Aviat Networks Eclipse Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. Installation of components shall be configured per Section 2.2.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aviat Networks' Eclipse is an all-in-one next generation dual hybrid and packet microwave radio. Eclipse provides superior networking features to address cost-optimized mobile backhaul, public, and private networking applications, along with high performance RF and Carrier Ethernet capabilities. Aviat Eclipse delivers a \"complete\" set of microwave nodal networking capabilities. Eclipse delivers multi-directional integrated microwave switching within a single system, supporting up to 6 RF or up to 45 Ethernet radios in a single rack unit." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3557", "Certificate Number": "3557", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 3 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "10/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3557.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3557", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 3 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules IBM(R) z/OS(R) Version 2 Release 3 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode and IBM(R) z/OS(R) Version 2 Release 3 ICSF PKCS #11 Cryptographic Module validated to FIPS 140-2 under Cert. #3555 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/OS® System SSL provides a rich set of C based application programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3556", "Certificate Number": "3556", "Vendor Name": "Autotalks Ltd.", "Module Name": "CRATON2/SECTON embedded V2X HSM", "Module Type": "Hardware", "Validation Date": "10/24/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3556.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3556", "detail_available": true, "module_name": "CRATON2/SECTON embedded V2X HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Autotalks Embedded Hardware Security Module (eHSM) provides a hardened, tamper-resistant environment for secure cryptographic processing needed for Automotive Vehicle-to-Everything communication systems including: ECC Public Key cryptography, Symmetric key cryptography, Key protection, and TRNG/DRBG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3555", "Certificate Number": "3555", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 3 ICSF PKCS #11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "10/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3555.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3555", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 3 ICSF PKCS #11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module IBM(R) z/OS(R) Version 2 Release 3 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3554", "Certificate Number": "3554", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems NSS Module", "Module Type": "Software", "Validation Date": "10/23/201911/08/201903/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3554.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3554", "detail_available": true, "module_name": "Cisco Systems NSS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates keys whose strengths are modified by available entropy. When Operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Systems NSS Module is a software library supporting FIPS 140-2 approved cryptographic algorithms.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3553", "Certificate Number": "3553", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "Amazon Linux 2 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "10/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3553.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3553", "detail_available": true, "module_name": "Amazon Linux 2 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Amazon Linux 2 OpenSSL Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3552", "Certificate Number": "3552", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "10/21/201903/24/202005/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3552.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3552", "detail_available": true, "module_name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3551", "Certificate Number": "3551", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-304, AP-305, AP-314, AP-315, AP-334, AP-335, AP-365, and AP-367 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "10/21/201902/21/202004/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3551.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3551", "detail_available": true, "module_name": "Aruba AP-304, AP-305, AP-314, AP-315, AP-334, AP-335, AP-365, and AP-367 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3550", "Certificate Number": "3550", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "10/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3550.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3550", "detail_available": true, "module_name": "VMware's OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware's OpenSSL FIPS Object Module v2.0.20-vmw is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3549", "Certificate Number": "3549", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Secure Processing Unit (SPU)", "Module Type": "Hardware", "Validation Date": "10/10/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3549.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3549", "detail_available": true, "module_name": "Qualcomm® Secure Processing Unit (SPU)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The cryptographic module is implemented in the Secure Processing Unit (SPU) hardware, which resides in Qualcomm® Snapdragon ™ 855 processors" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3548", "Certificate Number": "3548", "Vendor Name": "Harris Corporation", "Module Name": "RF-7800W Integrated Radio/PA", "Module Type": "Hardware", "Validation Date": "10/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3548.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3548", "detail_available": true, "module_name": "RF-7800W Integrated Radio/PA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and the tamper evident seals installed as indicated in Section 2.4 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RF-7800W(-RP50x,-RP47x) Broadband Ethernet Radio(BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system and is designed for long haul backbone systems. The BER operates in the 4.4 - 5.8 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training and simulation networks and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point and Point to Multipoint in the same platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3547", "Certificate Number": "3547", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.5", "Module Type": "Software-Hybrid", "Validation Date": "10/08/201911/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3547.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3547", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The hardware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3546", "Certificate Number": "3546", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "10/08/201910/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3546.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3546", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3545", "Certificate Number": "3545", "Vendor Name": "Fortanix, Inc.", "Module Name": "Fortanix SDKMS Appliance", "Module Type": "Hardware", "Validation Date": "10/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3545.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3545", "detail_available": true, "module_name": "Fortanix SDKMS Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Fortanix SDKMS appliance is the building block for running Fortanix Self-Defending Key Management Service (SDKMS), a unified HSM and Key Management solution. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3544", "Certificate Number": "3544", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "10/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3544.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3544", "detail_available": true, "module_name": "Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3527 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3093 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3096 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3543", "Certificate Number": "3543", "Vendor Name": "Netskope Inc.", "Module Name": "Netskope Cryptographic Security Module", "Module Type": "Software", "Validation Date": "10/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3543.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3543", "detail_available": true, "module_name": "Netskope Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "FIPS 140-2 compliant.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3542", "Certificate Number": "3542", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's VPN Crypto Module", "Module Type": "Software", "Validation Date": "10/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3542.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3542", "detail_available": true, "module_name": "VMware's VPN Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module VMware OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #2839 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "VMware's VPN Crypto Module is a software cryptographic module whose purpose is to provide FIPS 140-2 validated cryptographic functions to various VMware applications utilizing VPN capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3541", "Certificate Number": "3541", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for BoringSSL", "Module Type": "Software", "Validation Date": "10/01/201911/14/201905/26/202006/02/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3541.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3541", "detail_available": true, "module_name": "Nutanix Cryptographic Module for BoringSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3540", "Certificate Number": "3540", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX300, SRX340, SRX345, SRX550-M, SRX5400, SRX5600 and SRX5800 Services Gateways with Junos 17.4R1-S1", "Module Type": "Hardware", "Validation Date": "09/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3540.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3540", "detail_available": true, "module_name": "Juniper Networks SRX300, SRX340, SRX345, SRX550-M, SRX5400, SRX5600 and SRX5800 Services Gateways with Junos 17.4R1-S1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3539", "Certificate Number": "3539", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX320 Services Gateway with JUNOS 17.4R1-S1", "Module Type": "Hardware", "Validation Date": "09/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3539.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3539", "detail_available": true, "module_name": "Juniper Networks SRX320 Services Gateway with JUNOS 17.4R1-S1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3538", "Certificate Number": "3538", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "09/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3538.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3538", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3537", "Certificate Number": "3537", "Vendor Name": "Chunghwa Telecom Co., Ltd. and Taisys Technologies Co., Ltd.", "Module Name": "Chunghwa Mobile ID Applet on TAISYS Technologies JUISE-S2", "Module Type": "Hardware", "Validation Date": "09/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3537.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3537", "detail_available": true, "module_name": "Chunghwa Mobile ID Applet on TAISYS Technologies JUISE-S2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated with module TAISYS JUISE-S2 validated to FIPS 140-2 under Cert. #3441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TAISYS JUISE-S2 is a module available in contact/contactless form factors with the Chunghwa Mobile ID Applet. The Mobile ID Applet is a Javacard applet that provides security for stored user data and credentials for Mobile ID services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3536", "Certificate Number": "3536", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5200 Series and PA-7000 Series Firewalls", "Module Type": "Hardware", "Validation Date": "09/25/201902/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3536.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3536", "detail_available": true, "module_name": "PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5200 Series and PA-7000 Series Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-200, PA-220, PA-220R, PA-500 Series, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5200 Series and PA-7000 Series Firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security policies to safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3535", "Certificate Number": "3535", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "11/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3535.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3535", "detail_available": true, "module_name": "Cisco Systems Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Cisco Systems NSS Module validated to FIPS 140-2 under Cert. #3554 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Systems Kernel Crypto API Cryptographic Module is a software only cryptographic module that provides general-purpose cryptographic services to the Linux kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3534", "Certificate Number": "3534", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "11/02/201912/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3534.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3534", "detail_available": true, "module_name": "Cisco Systems Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Cisco Systems NSS Module validated to FIPS 140-2 under Cert. #3554 operating in FIPS mode and Cisco FIPS Object Module validated to FIPS 140-2 under Cert. #2984 in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Systems Libreswan Cryptographic Module is a software library implementing the cryptographic algorithms. The module provides key derivation for the IKEv1 and IKEv2 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3533", "Certificate Number": "3533", "Vendor Name": "WISeKey Semiconductors", "Module Name": "VAULTIC 420 [1], 460 [2]", "Module Type": "Hardware", "Validation Date": "09/24/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3533.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3533", "detail_available": true, "module_name": "VAULTIC 420 [1], 460 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The VaultIC420 and VaultIC460 are ASSPs designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3532", "Certificate Number": "3532", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-VM Virtual Appliances", "Module Type": "Software", "Validation Date": "09/20/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3532.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3532", "detail_available": true, "module_name": "FortiGate-VM Virtual Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-VM appliances are software modules designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor and FortiOS 5.4. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3531", "Certificate Number": "3531", "Vendor Name": "Palo Alto Networks", "Module Name": "Panorama Virtual Appliance 8.1", "Module Type": "Software", "Validation Date": "09/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3531.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3531", "detail_available": true, "module_name": "Panorama Virtual Appliance 8.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama Virtual Appliance 8.1 module provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3530", "Certificate Number": "3530", "Vendor Name": "Palo Alto Networks", "Module Name": "Panorama 8.1 M-100, M-200, M-500 and M-600", "Module Type": "Hardware", "Validation Date": "09/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3530.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3530", "detail_available": true, "module_name": "Panorama 8.1 M-100, M-200, M-500 and M-600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama on the M-100, M-200, M-500 and M-600 provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network. The M-500 and M-600 provide an additional service, the PAN-DB private cloud, which is an on-premise solution suitable for organizations that prohibit or restrict the use of the PAN-DB public cloud service." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3529", "Certificate Number": "3529", "Vendor Name": "PacketLight Networks Ltd.", "Module Name": "PL-2000M, PL-2000AD and PL-2000ADS", "Module Type": "Hardware", "Validation Date": "09/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3529.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3529", "detail_available": true, "module_name": "PL-2000M, PL-2000AD and PL-2000ADS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 10 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "PacketLight's PL-2000M, PL-2000AD and PL-2000ADS Layer-1 encryption solutions ensure the confidentiality and integrity of data, based on GCM-AES-256 encryption standards, supporting Diffie-Hellman (DH) key exchange up to every 1-minute. In addition, the solutions support multiple protocols including 10G/40G/100G Ethernet, 8G/16G/32G Fibre Channel, OTU2/OTU2e/OTU3/OTU4 and STM-64/OC-192" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3528", "Certificate Number": "3528", "Vendor Name": "SECUREDATA, Inc.", "Module Name": "SecureUSB BT", "Module Type": "Hardware", "Validation Date": "09/18/201903/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3528.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3528", "detail_available": true, "module_name": "SecureUSB BT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware encrypted USB 3.0 SATA drive with Bluetooth interface for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3527", "Certificate Number": "3527", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "09/16/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3527.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3527", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3090 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3526", "Certificate Number": "3526", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena Waveserver Ai WCS-2 Module", "Module Type": "Hardware", "Validation Date": "09/16/201902/21/202005/22/202008/28/202010/01/202112/14/202105/10/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3526.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3526", "detail_available": true, "module_name": "Ciena Waveserver Ai WCS-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 12 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Ciena Waveserver Ai, with WCS2 and Encryption cards, offers a Layer 1 AES-256-GCM encryption solution for 100GE clients supporting 100Gbs to 400Gb/s wirespeed encryption per line port for enterprises, datacenters and government deployments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3525", "Certificate Number": "3525", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "Module Type": "Hardware", "Validation Date": "09/12/201909/26/201908/28/202006/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3525.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3525", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3524", "Certificate Number": "3524", "Vendor Name": "Poly Inc.", "Module Name": "Poly Voice Common Cryptographic Module", "Module Type": "Software", "Validation Date": "09/10/201909/18/202010/20/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3524.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3524", "detail_available": true, "module_name": "Poly Voice Common Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Poly Voice Common Cryptographic Module is a general-purpose cryptographic module integrated in Poly Inc. products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3523", "Certificate Number": "3523", "Vendor Name": "Apple Inc.", "Module Name": "Apple Secure Key Store Cryptographic Module, v9.0", "Module Type": "Hardware", "Validation Date": "09/10/201903/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3523.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3523", "detail_available": true, "module_name": "Apple Secure Key Store Cryptographic Module, v9.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Apple Secure Key Store Cryptographic Module, v9.0 is a single-chip standalone hardware cryptographic module running on a multi-chip device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3522", "Certificate Number": "3522", "Vendor Name": "SECUREDATA, Inc.", "Module Name": "SecureUSB KP", "Module Type": "Hardware", "Validation Date": "09/09/201901/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3522.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3522", "detail_available": true, "module_name": "SecureUSB KP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware-encrypted USB 3.0 flash drive with integrated keypad for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3521", "Certificate Number": "3521", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "09/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3521.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3521", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3108", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3520", "Certificate Number": "3520", "Vendor Name": "Thales", "Module Name": "SafeNet Cryptovisor K7+ Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/05/201909/19/201911/04/201903/02/202005/04/202011/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3520.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3520", "detail_available": true, "module_name": "SafeNet Cryptovisor K7+ Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet Cryptovisor K7+ Cryptographic Module is a high-assurance, Hardware Security Module with a tamper-active physical enclosure targeted at the service provider market. The cryptographic module secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security for elastic deployments particularly in support of cloud applications. The module meets compliance and audit ne", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3519", "Certificate Number": "3519", "Vendor Name": "Thales", "Module Name": "SafeNet Cryptovisor K7 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/05/201909/19/201911/04/201903/02/202005/04/202012/12/202101/28/202204/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3519.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3519", "detail_available": true, "module_name": "SafeNet Cryptovisor K7 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet Cryptovisor K7 Cryptographic Module is a high-assurance, tamper-resistant Hardware Security Module targeted at the service provider market. The cryptographic module secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security for elastic deployments, particularly in support of cloud applications. The module meets compliance and audit needs for FIPS 140, HIPA", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3518", "Certificate Number": "3518", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign Signature Appliance", "Module Type": "Hardware", "Validation Date": "09/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3518.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3518", "detail_available": true, "module_name": "DocuSign Signature Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data. The DocuSign Signature Appliance also enables organization using AES based encryption keys for encrypting/decrypting data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3517", "Certificate Number": "3517", "Vendor Name": "Yubico, Inc.", "Module Name": "YubiKey 4 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3517.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3517", "detail_available": true, "module_name": "YubiKey 4 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured as specified in Section 1.3 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Yubikey 4 cryptographic module is a secure element that supports multiple protocols designed to be embedded in USB security tokens. The module can generate, store, and perform cryptographic operations for sensitive data and can be utilized via an external touch-button for Test of User Presence in addition to PIN for smart card authentication.The module implements five major functions - Yubico One Time Password (OTP), FIDO Universal 2nd Factor (U2F), PIV-compatible smart card, OpenPGP smart card and OATH OTP authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3516", "Certificate Number": "3516", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-2000E/2500E", "Module Type": "Hardware", "Validation Date": "08/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3516.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3516", "detail_available": true, "module_name": "FortiGate-2000E/2500E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3515", "Certificate Number": "3515", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Network Convergence System 2000 Series Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3515.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3515", "detail_available": true, "module_name": "Cisco Network Convergence System 2000 Series Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco NCS 2000 Series offers three chassis variants to meet varying scale and space requirements. This Cisco« Network Convergence System (NCS) Family of products provides an Evolved Programmable Network (EPN) which simplify network operations, reduce network costs, and make your network more dynamic and profitable. The Cisco Network Convergence System 2000 Series (NCS 2000 Series) delivers agility, programmability, and massive scale across ultra-long-haul, metro, and enterprise optical networks.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3514", "Certificate Number": "3514", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "08/23/201904/18/202102/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3514.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3514", "detail_available": true, "module_name": "BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3513", "Certificate Number": "3513", "Vendor Name": "Microsoft Corporation", "Module Name": "Secure Kernel Code Integrity (skci.dll) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "08/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3513.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3513", "detail_available": true, "module_name": "Secure Kernel Code Integrity (skci.dll) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 under Cert. #3510 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3512", "Certificate Number": "3512", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "ASTRO CDEM Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "08/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3512.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3512", "detail_available": true, "module_name": "ASTRO CDEM Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode as specified in Security Policy Section 3", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The ASTRO CDEM MACE provides secure key management and data encryption for the Astro System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3511", "Certificate Number": "3511", "Vendor Name": "Intel Corporation", "Module Name": "Optane™ SSD DC D4800X", "Module Type": "Hardware", "Validation Date": "08/12/201908/28/201912/06/201912/23/201903/20/202008/31/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3511.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3511", "detail_available": true, "module_name": "Optane™ SSD DC D4800X", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Intel® Optane™ SSD DC D4800X module is a PCIe dual-port Gen3 x 2 NVMe SSD with industry leading 3DXP delivering power-efficient performance with enterprise ready security and remote manageability capabilities.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3510", "Certificate Number": "3510", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "08/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3510.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3510", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #3502 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #3501 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3509", "Certificate Number": "3509", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type B1", "Module Type": "Hardware", "Validation Date": "08/09/201910/02/201909/13/202009/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3509.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3509", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type B1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3508", "Certificate Number": "3508", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type A1", "Module Type": "Hardware", "Validation Date": "08/09/201910/02/201909/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3508.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3508", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type A1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3507", "Certificate Number": "3507", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Riverbed XD Series Wi-Fi Products", "Module Type": "Hardware", "Validation Date": "08/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3507.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3507", "detail_available": true, "module_name": "Riverbed XD Series Wi-Fi Products", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in Sections 9 and 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Wireless LAN Access Points" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3506", "Certificate Number": "3506", "Vendor Name": "Dell EMC", "Module Name": "PowerMax NVMe and VMAX 12G SAS Module", "Module Type": "Hardware", "Validation Date": "08/08/201902/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3506.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3506", "detail_available": true, "module_name": "PowerMax NVMe and VMAX 12G SAS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Dell EMC Data at Rest Encryption (DARE) provides hardware-based, on-array, encryption for storage systems, including VMAX and PowerMax. DARE protects against unauthorized access when drives are physically removed. Encryption (AES-XTS 256-bit) occurs in the I/O module, allowing support for all back end drive types. Dell EMC Efficient Encryption leverages the same hardware module as DARE. Host encrypted data (AES-XTS 256-bit) is decrypted using shared keys, for the sole purpose of allowing Data Reduction capabilities to be applied before data is securely stored on drive." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3505", "Certificate Number": "3505", "Vendor Name": "RSA", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "08/08/201903/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3505.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3505", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3504", "Certificate Number": "3504", "Vendor Name": "Asigra Inc.", "Module Name": "AsigraEncModule Encryption Library", "Module Type": "Software", "Validation Date": "08/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3504.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3504", "detail_available": true, "module_name": "AsigraEncModule Encryption Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AsigraEncModule (\"Cryptographic Module\" or \"Module\") is a cryptographic library for C++ language users providing hash algorithms, AES symmetric encryption algorithms and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3503", "Certificate Number": "3503", "Vendor Name": "KeyPair Consulting Inc.", "Module Name": "KeyPair FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "08/01/201911/14/201907/10/202004/06/202104/27/202108/13/202103/09/202206/27/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3503.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3503", "detail_available": true, "module_name": "KeyPair FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3335.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The KeyPair FIPS Object Module for OpenSSL is a software library replacement for applications that use OpenSSL 1.0.2 and require FIPS 140-2 validated cryptography (including FIPS 186-4 RSA KeyGen). Please contact KeyPair Consulting to include your desired operating system as a Tested Configuration on a FIPS 140-2 certificate branded in your company's name.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3502", "Certificate Number": "3502", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "08/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3502.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3502", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #3487 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3501", "Certificate Number": "3501", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "08/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3501.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3501", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #3487 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3500", "Certificate Number": "3500", "Vendor Name": "Totemo AG", "Module Name": "totemo Cryptographic Module (TCM)", "Module Type": "Software", "Validation Date": "07/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3500.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3500", "detail_available": true, "module_name": "totemo Cryptographic Module (TCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The totemo Cryptographic Module (TCM) supplies the cryptographic services required by the totemo Security Platform (TSP) and the totemo products which provides secure email, file transfer, and mobile messaging solutions. These solutions secure all types of communication without any infrastructure prerequisites.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3499", "Certificate Number": "3499", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX4600, QFX5100 and QFX5200 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "07/30/201909/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3499.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3499", "detail_available": true, "module_name": "Juniper Networks EX4600, QFX5100 and QFX5200 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "QFX and EX Series switches provide the universal building blocks for multiple data center fabric architectures, including Junos Fusion, Virtual Chassis Fabric (VCF), Ethernet VPN (EVPN)-Virtual Extensible LAN (VXLAN), and IP Fabric. With throughput of up to 6 Tbps per slot, QFX Series switches provide sustained wire-speed switching with low latency and jitter for virtualized data center environments. Redundant fabrics, power, and cooling, combined with separate control and data planes, ensure maximum system availability", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3498", "Certificate Number": "3498", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena Waveserver Ai Encryption Module", "Module Type": "Hardware", "Validation Date": "07/24/201912/26/201902/21/202009/08/202012/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3498.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3498", "detail_available": true, "module_name": "Ciena Waveserver Ai Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 12 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Ciena Waveserver Ai, with WCS2 and Encryption cards, offers a Layer 1 AES-256-GCM encryption solution for 100GE clients supporting 100Gbs to 400Gb/s wirespeed encryption per line port for enterprises, datacenters and government deployments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3497", "Certificate Number": "3497", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3497.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3497", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3496", "Certificate Number": "3496", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Embedded Module and Embedded Module Lite", "Module Type": "Hardware", "Validation Date": "07/19/201911/24/202008/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3496.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3496", "detail_available": true, "module_name": "Embedded Module and Embedded Module Lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Embedded Module, Embedded Module Lite, and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to­peer topology without requiring additional infrastructure. The Embedded Module and Embedded Module Lite are designed to be integrated into many types of systems, including UGVs, UAVs, and sensors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3495", "Certificate Number": "3495", "Vendor Name": "Panzura, Inc.", "Module Name": "Panzura CloudFS™ FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "07/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3495.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3495", "detail_available": true, "module_name": "Panzura CloudFS™ FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic module for use with Panzura products.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3494", "Certificate Number": "3494", "Vendor Name": "Siemens Canada Ltd.", "Module Name": "RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server", "Module Type": "Hardware", "Validation Date": "07/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3494.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3494", "detail_available": true, "module_name": "RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The tamper evident seals and baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server are utility-grade, fully-managed Ethernet devices designed to operate reliably in electrically harsh and climatically demanding environments. The devices’ rugged hardware design, coupled with the embedded Rugged Operating System (ROS®) version 4.2.2.F, provides improved system reliability and advanced cybersecurity and networking features. This makes them ideally suited for creating secure Ethernet networks for mission-critical, real-time control applications.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3493", "Certificate Number": "3493", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "07/17/201901/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3493.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3493", "detail_available": true, "module_name": "LogRhythm FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security-relevant modification to Cert. #2398.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LogRhythm FIPS Object Module for OpenSSL is a general purpose cryptographic module. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3492", "Certificate Number": "3492", "Vendor Name": "Infineon Technologies AG", "Module Name": "Trusted Platform Module 2.0 SLB 9670", "Module Type": "Hardware", "Validation Date": "07/16/201909/06/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3492.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3492", "detail_available": true, "module_name": "Trusted Platform Module 2.0 SLB 9670", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When initialized and configured as specified in Sections 8.1, 9 and 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TPM is a single chip module that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality in e-commerce and internet communications within a Trusted Computing Platform. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.38, September 2016 (ISO/IEC 11889:2015, Parts 1-4), Errata Version 1.4. See http://www.trustedcomputinggroup.org/ for further information on TCG and TPM.", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3491", "Certificate Number": "3491", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet VME", "Module Type": "Software", "Validation Date": "07/15/201912/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3491.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3491", "detail_available": true, "module_name": "Acme Packet VME", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet VME appliance are specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet VME appliance delivers Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3490", "Certificate Number": "3490", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 1100 [1] and Acme Packet 3900 [2]", "Module Type": "Hardware", "Validation Date": "07/15/201912/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3490.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3490", "detail_available": true, "module_name": "Acme Packet 1100 [1] and Acme Packet 3900 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 9 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 1100 and Acme Packet 3900 appliances are specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 1100 and Acme Packet 3900 appliances delivers Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3489", "Certificate Number": "3489", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 4600 [1] and Acme Packet 6300 [2] and Acme Packet 6350 [3]", "Module Type": "Hardware", "Validation Date": "07/15/201912/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3489.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3489", "detail_available": true, "module_name": "Acme Packet 4600 [1] and Acme Packet 6300 [2] and Acme Packet 6350 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 9 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 4600, 6300 and 6350 appliances is specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 4600, 6300 and 6350 appliances delivers Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3488", "Certificate Number": "3488", "Vendor Name": "ColorTokens", "Module Name": "ColorTokens OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "07/15/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3488.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3488", "detail_available": true, "module_name": "ColorTokens OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Module is a software cryptographic module that is built from the OpenSSL. The module is a software library that provides C-language application program interface (API) for use by other processes that require cryptographic functionality to various modules of the ColorTokens application.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3487", "Certificate Number": "3487", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "07/11/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3487.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3487", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3486", "Certificate Number": "3486", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "07/10/201904/22/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3486.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3486", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Utimaco Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3485", "Certificate Number": "3485", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-214, AP-215, AP-224, AP-225, AP-228, AP-274, AP-275, AP-277, AP-324, and AP-325 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "07/09/201903/11/202004/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3485.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3485", "detail_available": true, "module_name": "Aruba AP-214, AP-215, AP-224, AP-225, AP-228, AP-274, AP-275, AP-277, AP-324, and AP-325 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3484", "Certificate Number": "3484", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN9000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "07/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3484.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3484", "detail_available": true, "module_name": "CN9000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN9000 Series are high-speed hardware encryption platforms that secure data over optical Ethernet networks. The models included are the CN9100 and CN9120 100G Ethernet Encryptors, operating at line rates of 100Gb/s with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CTR algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3483", "Certificate Number": "3483", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "07/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3483.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3483", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet and Fibre Channel networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 Ethernet and FC selectable model, operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3482", "Certificate Number": "3482", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet) and ID Quantique SA", "Module Name": "CN8000 Multi-slot Encryptor", "Module Type": "Hardware", "Validation Date": "07/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3482.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3482", "detail_available": true, "module_name": "CN8000 Multi-slot Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN8000 is a high-speed multi-slot hardware encryption platform that secures data over optical Ethernet and Fibre Channel networks. The CN8000 supports up to 10 high speed encryption slots. Each slot can be configured by the user to support 1-10Gb/s Ethernet or 1-4Gb/s Fibre Channel. The CN8000 module contains removable SFP+ transceivers to provide flexibility in connecting to the physical network. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3481", "Certificate Number": "3481", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN Series Ethernet Encryptors", "Module Type": "Hardware", "Validation Date": "07/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3481.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3481", "detail_available": true, "module_name": "CN Series Ethernet Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN4010, CN4020, CN6010 and CN6140 are high-speed hardware encryption platforms that secure data over twisted-pair and optical Ethernet networks. The modules support line rates from 10Mb/s to 10Gb/s. The CN4020, CN6010 and CN6140 are equipped with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES algorithms in CFB, CTR and GCM modes. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480", "Certificate Number": "3480", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows OS Loader", "Module Type": "Software", "Validation Date": "06/28/201907/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480", "detail_available": true, "module_name": "Windows OS Loader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager validated to FIPS 140-2 under Cert. #3089 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3479", "Certificate Number": "3479", "Vendor Name": "Palo Alto Networks", "Module Name": "Palo Alto Networks VM-Series", "Module Type": "Software", "Validation Date": "06/27/201902/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3479.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3479", "detail_available": true, "module_name": "Palo Alto Networks VM-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security, and advanced threat prevention features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3478", "Certificate Number": "3478", "Vendor Name": "Palo Alto Networks", "Module Name": "WildFire WF-500", "Module Type": "Hardware", "Validation Date": "06/27/201902/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3478.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3478", "detail_available": true, "module_name": "WildFire WF-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WildFire WF-500 identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3477", "Certificate Number": "3477", "Vendor Name": "NetLib Security, Inc.", "Module Name": "NetLib® Encryptionizer® Platform (NEP)", "Module Type": "Software", "Validation Date": "06/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3477.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3477", "detail_available": true, "module_name": "NetLib® Encryptionizer® Platform (NEP)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The NetLib® Encryptionizer® Platform Library (NEP) version 2018.1.1.0 provides encryption of data stored in server-based and desktop-based databases and files, including MS SQL Server databases and backups. It can be deployed without programming and without adding any administrative overhead. The purpose of whole database encryption is to make a database or file unusable if it is stolen, copied, downloaded, lost, or otherwise improperly accessed. It supports both 32-bit and 64-bit applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3476", "Certificate Number": "3476", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-204, AP-205 and AP-205H Wireless Access Points", "Module Type": "Hardware", "Validation Date": "06/24/201903/11/202004/19/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3476.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3476", "detail_available": true, "module_name": "Aruba AP-204, AP-205 and AP-205H Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, the AP 204, 205 and 205H support encrypted management and WPA2 tunneled pass through to Aruba Mobility Controllers. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3474", "Certificate Number": "3474", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "06/12/201905/06/202005/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3474.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3474", "detail_available": true, "module_name": "Oracle Linux OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux is a set of cryptographic libraries, services, and user level cryptographic applications that are validated at FIPS 140-2 level 1, providing a secure foundation for vendor use in developing dependent services, applications, and even purpose built appliances that may be FIPS 140-2 validated." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3473", "Certificate Number": "3473", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for OpenSSH Server", "Module Type": "Software", "Validation Date": "06/12/201907/13/202007/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3473.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3473", "detail_available": true, "module_name": "Nutanix Cryptographic Module for OpenSSH Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Nutanix Cryptographic Module for OpenSSL validated to FIPS 140-2 under Cert. #3460 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Module for OpenSSH Server provides server-side support for SSH version 2. This cryptographic module functions together with the Nutanix Cryptographic Module for OpenSSL to provide FIPS validated cryptography for SSH connections.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3472", "Certificate Number": "3472", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for OpenSSH Client", "Module Type": "Software", "Validation Date": "06/12/201907/10/202007/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3472.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3472", "detail_available": true, "module_name": "Nutanix Cryptographic Module for OpenSSH Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Nutanix Cryptographic Module for OpenSSL validated to FIPS 140-2 under Cert. #3460 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Module for OpenSSH Client provides client-side support for SSH version 2. This cryptographic module functions together with the Nutanix Cryptographic Module for OpenSSL to provide FIPS validated cryptography for SSH connections.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3471", "Certificate Number": "3471", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series", "Module Type": "Hardware", "Validation Date": "06/10/201908/27/201906/07/202209/14/202305/29/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3471.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3471", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS-2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3469", "Certificate Number": "3469", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "06/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3469.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3469", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #3451 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise validated to FIPS 140-2 under Cert. #3464 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3468", "Certificate Number": "3468", "Vendor Name": "Infinidat, Ltd.", "Module Name": "Infinidat Cryptographic Module", "Module Type": "Firmware-Hybrid", "Validation Date": "06/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3468.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3468", "detail_available": true, "module_name": "Infinidat Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Infinidat Cryptographic Module is a set of cryptographic libraries that perform key management, encryption state management, and secure management functionality via TLS for the INFINIDAT B-Series and F-Series appliances.", "algorithms": [ "AES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3467", "Certificate Number": "3467", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3467.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3467", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3466", "Certificate Number": "3466", "Vendor Name": "Gemalto, a Thales Company", "Module Name": "Gemalto FIPS Object Module", "Module Type": "Software", "Validation Date": "06/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3466.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3466", "detail_available": true, "module_name": "Gemalto FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Gemalto FIPS Object Module is a hardened version of the general purpose OpenSSL FIPS Object module designed to provide FIPS 140-2 validated cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3465", "Certificate Number": "3465", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiCOS PKI Applet v2.0 on IDEMIA ID-One Cosmo v8.1-R2", "Module Type": "Hardware", "Validation Date": "05/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3465.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3465", "detail_available": true, "module_name": "HiCOS PKI Applet v2.0 on IDEMIA ID-One Cosmo v8.1-R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "With module ID-One PIV on Cosmo V8.1 validated to FIPS 140-2 under Cert. #2986 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The HiCOS PKI Applet is a Javacard applet that provides security for stored user data and credentials and an easy to use interface to PKI services (e.g., for strong authentication, encryption and digital signatures).", "algorithms": [ "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3464", "Certificate Number": "3464", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise", "Module Type": "Software", "Validation Date": "05/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3464.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3464", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #3447 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3463", "Certificate Number": "3463", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3463.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3463", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3461", "Certificate Number": "3461", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Ruckus Wireless, Inc. SmartZone 104 (SZ-104), SmartZone 124 (SZ-124) and SmartZone 300 (SZ-300) WLAN Controllers", "Module Type": "Hardware", "Validation Date": "05/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3461.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3461", "detail_available": true, "module_name": "Ruckus Wireless, Inc. SmartZone 104 (SZ-104), SmartZone 124 (SZ-124) and SmartZone 300 (SZ-300) WLAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Wi-Fi, switching and software portfolio builds on more than a decade's worth of patented technologies to offer better connections that enable awesome customer experiences-at a fraction of the cost of alternatives. Our indoor and outdoor wireless access points fit just about any budget, performance requirement or deployment scenario.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3460", "Certificate Number": "3460", "Vendor Name": "Nutanix, Inc.", "Module Name": "Nutanix Cryptographic Module for OpenSSL", "Module Type": "Software", "Validation Date": "05/21/201907/10/202008/11/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3460.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3460", "detail_available": true, "module_name": "Nutanix Cryptographic Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Nutanix Cryptographic Library for OpenSSL is a comprehensive suite of FIPS Approved algorithms used for TLS, SSH, and other cryptographic functions.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3459", "Certificate Number": "3459", "Vendor Name": "Thales", "Module Name": "Ezio PKI Card", "Module Type": "Hardware", "Validation Date": "05/21/201905/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3459.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3459", "detail_available": true, "module_name": "Ezio PKI Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the TOPDLv2.1 Platform", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Ezio PKI Card is a Minidriver enabled PKI smartcard, working seamlessly with any Microsoft® environment (without any additional middleware), and offering all the necessary services (with either RSA or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure. This version has been specifically designed to work with Ezio Pin pad reader to secure the PIN entry in eBanking environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3458", "Certificate Number": "3458", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1562 e/i/d/ps, 2802 e/i and 3802 e/i/p Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "05/10/201903/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3458.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3458", "detail_available": true, "module_name": "Cisco Aironet 1562 e/i/d/ps, 2802 e/i and 3802 e/i/p Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3457", "Certificate Number": "3457", "Vendor Name": "NETSCOUT Systems, Inc.", "Module Name": "NETSCOUT FIPS Object Module", "Module Type": "Software", "Validation Date": "05/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3457.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3457", "detail_available": true, "module_name": "NETSCOUT FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1747", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "This cryptographic library provides FIPS Approved cryptographic services to the NETSCOUT family of products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3456", "Certificate Number": "3456", "Vendor Name": "Cambium Networks, Ltd.", "Module Name": "PTP 700 Point to Point Wireless Ethernet Bridge", "Module Type": "Hardware", "Validation Date": "05/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3456.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3456", "detail_available": true, "module_name": "PTP 700 Point to Point Wireless Ethernet Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The PTP 700 is deployed to create a point-to-point wireless bridge joining two Ethernet networks, or a point-to-multipoint wireless bridge joining between two and nine Ethernet networks. The Module operates in licensed, lightly-licensed, and unlicensed frequency bands between 4400 MHz and 5875 MHz, in channel bandwidths up to 45 MHz, providing aggregate data rates up to 450 Mbit/s. The Module transmits and receives Ethernet frames as plaintext, and transmits and receives encrypted wireless signals. Variants of the module differ in physical format, regulatory compliance, capacity and color." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3455", "Certificate Number": "3455", "Vendor Name": "Extreme Networks, Inc.", "Module Name": "Extreme VDX 6740, VDX 6740T, VDX 6940 and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "05/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3455.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3455", "detail_available": true, "module_name": "Extreme VDX 6740, VDX 6740T, VDX 6940 and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode; When installed, initialized and configured as specified in Section 9 of the Security Policy as per IG G.13", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Extreme VDX 6740 and VDX 6740T are Top of Rack (ToR) 1/10/40 GbE, low-latency switch for virtualized and cloud environments. Delivers exceptional application performance. Extreme VDX 6940 are Enterprise-class 10/40/100GbE fixed-form switches features ease of management and high performance in a small footprint to scale out your virtualized and/or cloud network. Extreme VDX 8770 are Carrier-grade 1/10/40/100 GbE switch that meets demands for operational scalability and simplified management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3454", "Certificate Number": "3454", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper CryptoCore Cryptographic Module", "Module Type": "Software", "Validation Date": "05/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3454.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3454", "detail_available": true, "module_name": "Juniper CryptoCore Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The cryptographic module provides FIPS 140-2 compliant cryptographic functionality for Juniper Networks security products such as JATP.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3453", "Certificate Number": "3453", "Vendor Name": "Unbound Tech", "Module Name": "Unbound Tech EKM Cryptographic Module", "Module Type": "Software", "Validation Date": "05/07/201904/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3453.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3453", "detail_available": true, "module_name": "Unbound Tech EKM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with two additional Unbound Tech EKM Cryptographic Modules with each EKM Cryptographic Module running in Entry mode, Pair mode, and Auxiliary mode as specified in Section 3.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Unbound's Enterprise Key Management (EKM) lets you manage and control keys working with any application. This pure-software solution is easy to deploy and maintain, while giving you unmatched levels of security and control for your crypto keys in the cloud. Based on Unbound vHSM technology, the keys are guaranteed to never appear in the clear, not even when generated or while at use - ensuring your most sensitive keys are kept private at all times." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3452", "Certificate Number": "3452", "Vendor Name": "Radiant Logic Inc.", "Module Name": "Radiant Logic Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "05/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3452.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3452", "detail_available": true, "module_name": "Radiant Logic Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Radiant Logic Cryptographic Module for Java is a standards-based cryptographic engine for native Java environments. The module delivers core cryptographic functions to server platforms and features robust algorithm support, including Suite B algorithms. Radiant Logic Cryptographic Module for Java offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation. .", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3451", "Certificate Number": "3451", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "05/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3451.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3451", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #3447 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3450", "Certificate Number": "3450", "Vendor Name": "F5 Networks", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3450.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3450", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3449", "Certificate Number": "3449", "Vendor Name": "SAP SE", "Module Name": "SAP CommonCryptoLib Crypto Kernel", "Module Type": "Software", "Validation Date": "05/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3449.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3449", "detail_available": true, "module_name": "SAP CommonCryptoLib Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SAP CommonCryptoLib Crypto Kernel v8.4.47.0 is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions.", "algorithms": [ "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3448", "Certificate Number": "3448", "Vendor Name": "Honeywell International, Inc", "Module Name": "Honeywell Mobility Edge™ BoringCrypto", "Module Type": "Software", "Validation Date": "04/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3448.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3448", "detail_available": true, "module_name": "Honeywell Mobility Edge™ BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2964.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Honeywell Mobility Edge™ BoringCrypto cryptographic module is a library that provides FIPS 140-2 approved cryptographic algorithms for the BoringSSL and other user-space Android applications which require cryptographic functionality.The physical cryptographic boundary is Honeywell computer on which this module is installed.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3447", "Certificate Number": "3447", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "04/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3447.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3447", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3446", "Certificate Number": "3446", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie IMB-S3 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "04/29/201911/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3446.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3446", "detail_available": true, "module_name": "Christie IMB-S3 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Christie IMB-S3 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a Christie digital cinema projector with the CineLife architecture. The IMB-S3 permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3445", "Certificate Number": "3445", "Vendor Name": "Silver Spring Networks, Inc.", "Module Name": "Endpoint Security Module", "Module Type": "Hardware", "Validation Date": "04/29/201906/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3445.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3445", "detail_available": true, "module_name": "Endpoint Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Silver Spring Networks Endpoint Security Module provides acceleration and off-load of standard cryptographic algorithms and secure network protocols, key storage and generation, bootloader and firmware verification, and encrypted data storage. It is included in the SoC designed for SSN's Gen5 endpoint and infrastructure products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3444", "Certificate Number": "3444", "Vendor Name": "GDC Technology Limited", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "04/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3444.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3444", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3443", "Certificate Number": "3443", "Vendor Name": "Thales eSecurity", "Module Name": "Vormetric Data Security Manager Virtual Appliance Module", "Module Type": "Software", "Validation Date": "04/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3443.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3443", "detail_available": true, "module_name": "Vormetric Data Security Manager Virtual Appliance Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The protocol SSH shall not be used when operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Vormetric Data Security Virtual Appliance Module is a multi-chip standalone cryptographic module. The Vormetric Data Security Virtual Appliance Module is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Transparent Encryption Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3442", "Certificate Number": "3442", "Vendor Name": "Thales eSecurity", "Module Name": "Vormetric Data Security Manager Module", "Module Type": "Hardware", "Validation Date": "04/26/201906/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3442.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3442", "detail_available": true, "module_name": "Vormetric Data Security Manager Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When Operated in FIPS mode. The protocol SSH shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Vormetric Data Security Server is a multi-chip standalone cryptographic module. The Vormetric Data Security Server is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Transparent Encryption Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3441", "Certificate Number": "3441", "Vendor Name": "Taisys Technologies Co., Ltd.", "Module Name": "TAISYS JUISE-S2", "Module Type": "Hardware", "Validation Date": "04/26/201905/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3441.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3441", "detail_available": true, "module_name": "TAISYS JUISE-S2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TAISYS JUISE-S2 is a module available in contact/contactless form factors that provides security services targeted at mobile devices in a single Integrated Circuit Chip specifically designed for the security of data. Once inside the phone the module becomes an independent secure element to deploy to customers, as government and enterprise, and may download the applications in the card for digital certificate, fintech, cryptography for blockchain applications, cold wallet for cryptocurrency, or health markets." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3440", "Certificate Number": "3440", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3440.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3440", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3439", "Certificate Number": "3439", "Vendor Name": "F5 Networks", "Module Name": "F5® vCMP Cryptographic Module", "Module Type": "Firmware", "Validation Date": "04/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3439.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3439", "detail_available": true, "module_name": "F5® vCMP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, configured on the platforms listed on the certificate with tamper evident labels (P/N: F5-ADD-BIG-FIPS140) installed as indicated in section 8 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® vCMP Cryptographic Module, Application Delivery Controller and Firewall software running on VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3438", "Certificate Number": "3438", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Kernel Module v9.0 for ARM", "Module Type": "Software", "Validation Date": "04/23/201903/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3438.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3438", "detail_available": true, "module_name": "Apple CoreCrypto Kernel Module v9.0 for ARM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Kernel Module v9.0 for ARM is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3437", "Certificate Number": "3437", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "04/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3437.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3437", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3427 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3426", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3436", "Certificate Number": "3436", "Vendor Name": "Broadcom Ltd.", "Module Name": "BCM58200 Series: BCM58201, BCM58202", "Module Type": "Hardware", "Validation Date": "04/19/201905/31/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3436.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3436", "detail_available": true, "module_name": "BCM58200 Series: BCM58201, BCM58202", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Highly integrated, low power, security processor with rich peripheral connection options." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3435", "Certificate Number": "3435", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's IKE Crypto Module", "Module Type": "Software", "Validation Date": "04/19/201902/21/202006/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3435.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3435", "detail_available": true, "module_name": "VMware's IKE Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware's IKE Crypto Module v1.1.0 is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.", "algorithms": [ "AES", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3434", "Certificate Number": "3434", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "04/15/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3434.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3434", "detail_available": true, "module_name": "Qualcomm® Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3433", "Certificate Number": "3433", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Module v9.0 for ARM", "Module Type": "Software", "Validation Date": "04/11/201903/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3433.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3433", "detail_available": true, "module_name": "Apple CoreCrypto Module v9.0 for ARM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Module v9.0 for ARM is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3432", "Certificate Number": "3432", "Vendor Name": "Allegro Software Development Corporation", "Module Name": "Allegro Cryptographic Engine", "Module Type": "Software", "Validation Date": "04/11/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3432.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3432", "detail_available": true, "module_name": "Allegro Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Allegro’s suite of Embedded Device Security toolkits makes embedding standards-based security protocols into resource sensitive embedded systems and consumer electronics fast, easy and reliable. The Allegro Cryptographic Engine (ACE) is a cryptographic library module specifically engineered for embedded devices. The module provides embedded systems developers with an easily understood software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation and key generation and exchange. For full details see www.allegrosoft.com/ace.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3431", "Certificate Number": "3431", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Kernel Module v9.0 for Intel", "Module Type": "Software", "Validation Date": "04/04/201904/12/201903/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3431.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3431", "detail_available": true, "module_name": "Apple CoreCrypto Kernel Module v9.0 for Intel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Kernel Module v9.0 for Intel is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3430", "Certificate Number": "3430", "Vendor Name": "Securosys SA", "Module Name": "Primus HSM", "Module Type": "Hardware", "Validation Date": "04/04/201912/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3430.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3430", "detail_available": true, "module_name": "Primus HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode as specified in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Securosys' Primus series of hardware security modules (HSM) provide high performance cryptographic operations, creation, storage, and controlled access to encryption keys and certificates in an always active tamper protected appliance. Applications include digital signatures for financial transactions, secure messaging and email, blockchain, crypto currency and crypto asset storage, PKI, elDAS, database and cloud encryption, GDPR, SSL / TLS, and e-government.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3429", "Certificate Number": "3429", "Vendor Name": "Arista Networks Inc.", "Module Name": "EOS MACsec Alpha Hybrid Module", "Module Type": "Firmware-Hybrid", "Validation Date": "04/04/201904/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3429.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3429", "detail_available": true, "module_name": "EOS MACsec Alpha Hybrid Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 8.1 of the Security Policy", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "HMAC" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3428", "Certificate Number": "3428", "Vendor Name": "Alcatel-Lucent Enterprise", "Module Name": "OmniSwitch AOS 8.3.1.R01", "Module Type": "Hardware", "Validation Date": "04/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3428.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3428", "detail_available": true, "module_name": "OmniSwitch AOS 8.3.1.R01", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Sections 3.1 and 3.2 of the Security Policy and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Alcatel-Lucent Enterprise OmniSwitch series of switches are rugged and high bandwidth switches running on the widely-deployed and field-proven Alcatel-Lucent Operating System (AOS). These switches are ideal for industrial and mission-critical applications that require wider operating temperature ranges, more stringent EMC/EMI requirements, and an optimized feature set for high security, reliability, performance, and easy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3427", "Certificate Number": "3427", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "04/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3427.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3427", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3415 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3426", "Certificate Number": "3426", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "04/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3426.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3426", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3415 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3425", "Certificate Number": "3425", "Vendor Name": "Symantec & CA Technologies, a division of Broadcom", "Module Name": "Management Center", "Module Type": "Hardware", "Validation Date": "04/01/201903/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3425.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3425", "detail_available": true, "module_name": "Management Center", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.2 of the Security Policy with the tamper evident seals and the opacity baffle installed as indicated in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Symantec Management Center is a powerful, unified management platform that gives you centralized visibility over Symantec’s product portfolio. With a single pane of glass, you can see your Symantec deployments, including ProxySG, SSL Visibility Appliance, Content Analysis, Malware Analysis, and PacketShaper. You can also scale deployments and apply powerful proxy policies throughout your environment that address your specific needs and ensure the consistent application of web security and governance.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3424", "Certificate Number": "3424", "Vendor Name": "Symantec & CA Technologies, a division of Broadcom", "Module Name": "Management Center Virtual Appliance", "Module Type": "Software", "Validation Date": "04/01/201903/22/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3424.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3424", "detail_available": true, "module_name": "Management Center Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Symantec Management Center is a powerful, unified management platform that gives you centralized visibility over Symantec’s product portfolio. With a single pane of glass, you can see your Symantec deployments, including ProxySG, SSL Visibility Appliance, Content Analysis, Malware Analysis, and PacketShaper. You can also scale deployments and apply powerful proxy policies throughout your environment that address your specific needs and ensure the consistent application of web security and governance.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3423", "Certificate Number": "3423", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX104 3D Universal Edge Router with the Multiservices MIC", "Module Type": "Hardware", "Validation Date": "03/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3423.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3423", "detail_available": true, "module_name": "Juniper Networks MX104 3D Universal Edge Router with the Multiservices MIC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2.1 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "MX104 3D Universal Edge router is a modular, highly redundant, mobile back haul optimized full featured MX series platform built for space and power constrained service provider and enterprise facilities. Multiservices MIC supports Layer 3 services such as stateful firewall, NAT, IPsec, active flow monitoring and RPM.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3422", "Certificate Number": "3422", "Vendor Name": "Sony Imaging Products & Solutions Inc.", "Module Name": "Granada", "Module Type": "Hardware", "Validation Date": "03/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3422.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3422", "detail_available": true, "module_name": "Granada", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The primary purpose of the Granada is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3421", "Certificate Number": "3421", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 6 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "03/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3421.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3421", "detail_available": true, "module_name": "Oracle Linux 6 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3111 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 6 Kernel Crypto API Cryptographic Module provides general-purpose cryptographic services to the remainder of the Linux kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3420", "Certificate Number": "3420", "Vendor Name": "Arista Networks Inc.", "Module Name": "EOS MACsec Bravo Hybrid Module", "Module Type": "Firmware-Hybrid", "Validation Date": "03/27/201904/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3420.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3420", "detail_available": true, "module_name": "EOS MACsec Bravo Hybrid Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 8.1 of the Security Policy", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "DSA", "HMAC" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3419", "Certificate Number": "3419", "Vendor Name": "Mojo Networks, Inc.", "Module Name": "Mojo Access Point", "Module Type": "Hardware", "Validation Date": "03/27/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3419.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3419", "detail_available": true, "module_name": "Mojo Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the security policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The module performs wireless access point (AP) function. It facilitates client devices to access network resources over secure wireless links conforming to IEEE 802.11 protocol, also referred to as WiFi." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3418", "Certificate Number": "3418", "Vendor Name": "Thycotic Software LLC", "Module Name": "Thycotic HSM Module", "Module Type": "Software", "Validation Date": "03/27/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3418.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3418", "detail_available": true, "module_name": "Thycotic HSM Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) validated to FIPS 140-2 Cert. #2357 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "THYCOTIC.HSM.DLL provides cryptographic primitive services. The module generates cryptographic keys whose strengths are modified by available entropy of the validated Microsoft libraries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3417", "Certificate Number": "3417", "Vendor Name": "Gemalto", "Module Name": "IDPrime PIV v3.0 Applet on IDCore 3130 Platform", "Module Type": "Hardware", "Validation Date": "03/27/201906/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3417.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3417", "detail_available": true, "module_name": "IDPrime PIV v3.0 Applet on IDCore 3130 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When initialized and configured as specified in Section 13 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "« IDPrime PIV v3.0 » is the next generation of FIPS201-2 smart card running on latest IDCore 3130 platform, which complies with the latest version of NIST SP800-73-4, SP800-85A-4 and all algorithms of SP800-78-4. The product can be used over Contact and Contactless interfaces (ISO 7816 & 14443) to provide physical and logical accesss control. It embeds latest optimized FIPS POST feature, OPACITY secure messaging with Pairing code, and Biometric Match on card.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3416", "Certificate Number": "3416", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE1800 Routing Engine", "Module Type": "Hardware", "Validation Date": "03/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3416.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3416", "detail_available": true, "module_name": "Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE1800 Routing Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing platforms that provide industry leading system capacity,density,security and performance .RE1800 routing engines provide enhanced scaling and performance. Juniper Networks EX9200 series Ethernet Switches provide high performance, scalable connectivity, and carrier-class reliability for high-density environments with a a full suite of Layer 2 and Layer 3 switching capabilities along with firewall filters, multicast, hardware tunneling and Qos.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3415", "Certificate Number": "3415", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "03/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3415.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3415", "detail_available": true, "module_name": "Boot Manager in Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3414", "Certificate Number": "3414", "Vendor Name": "Trend Micro Inc.", "Module Name": "Trend Micro Cryptographic Module with CCJ 3.0.0", "Module Type": "Software", "Validation Date": "03/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3414.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3414", "detail_available": true, "module_name": "Trend Micro Cryptographic Module with CCJ 3.0.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2804.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro Cryptographic Module provides FIPS-approved cryptographic algorithms for Trend Micro products including Trend Micro Deep Security.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3413", "Certificate Number": "3413", "Vendor Name": "Harris Corporation", "Module Name": "RF-7800W Broadband Ethernet Radio", "Module Type": "Hardware", "Validation Date": "03/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3413.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3413", "detail_available": true, "module_name": "RF-7800W Broadband Ethernet Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and the tamper evident seals installed as indicated in Section 2.4 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RF-7800W(-OU47x,-OU49x,-OU50x) Broadband Ethernet Radio(BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system and is designed for long haul backbone systems. The BER operates in the 4.4 - 5.8 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training and simulation networks and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point and Point to Multipoint in the same platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3412", "Certificate Number": "3412", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® DC SS530 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "03/21/201903/28/201906/19/201910/01/201904/22/202008/31/202006/15/202107/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3412.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3412", "detail_available": true, "module_name": "Ultrastar® DC SS530 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Western Digital's Ultrastar® Self-Encrypting TCG Enterprise drives meet or exceed the most demanding performance and security requirements. The Ultrastar® DC SS530 solid-state TCG Enterprise 2.5-inch SAS drive leverages the proven architecture of the prior generation Ultrastar SS300 with second-generation 3D TLC NAND flash memory. The 12Gb/s SAS interface and 1, 3 and 10 drive writes per day (DW/D) offerings meet the most stringent data center requirements.", "algorithms": [ "DRBG", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3411", "Certificate Number": "3411", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CryptoFlow Net Creator Java Crypto Module", "Module Type": "Software", "Validation Date": "03/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3411.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3411", "detail_available": true, "module_name": "CryptoFlow Net Creator Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy; the module generates cryptographic keys whose strengths are modified by the available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The CryptoFlow Net Creator (CFNC) Java Crypto Module is a library embedded in Certes’ CFNC management software. The module supplies the cryptographic functionality necessary to support TLS-secured communication between the CFNC software and the Certes Enforcement Point (CEP) appliances.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KDF", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3410", "Certificate Number": "3410", "Vendor Name": "IBM Corporation", "Module Name": "IBM 4768 Cryptographic Coprocessor Security Module", "Module Type": "Hardware", "Validation Date": "03/20/201903/28/201909/13/201902/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3410.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3410", "detail_available": true, "module_name": "IBM 4768 Cryptographic Coprocessor Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IBM 4768 PCIe Cryptographic Coprocessor Hardware Security Module is in the form of a programmable PCIe card that offloads computationally intensive cryptographic processes from the hosting server, and performs sensitive tasks within a secured tamper responding hardware boundary. The evolutionary design builds on previous generations of IBM cryptographic technology, improving performance over its predecessors. The IBM 4768 is supported on select IBM Z processors as the Crypto Express6S feature and on select x86 systems.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3409", "Certificate Number": "3409", "Vendor Name": "RSA Security LLC", "Module Name": "RSA BSAFE® Crypto Module", "Module Type": "Software", "Validation Date": "03/20/201902/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3409.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3409", "detail_available": true, "module_name": "RSA BSAFE® Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE® Crypto Module 1.0.1 is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3408", "Certificate Number": "3408", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/18/201904/03/201907/11/201908/07/201909/20/201905/07/202001/26/202106/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3408.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3408", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3402", "Certificate Number": "3402", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Module v9.0 for Intel", "Module Type": "Software", "Validation Date": "03/13/201904/12/201903/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3402.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3402", "detail_available": true, "module_name": "Apple CoreCrypto Module v9.0 for Intel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Module v9.0 for Intel is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3401", "Certificate Number": "3401", "Vendor Name": "Honeywell International Inc.", "Module Name": "Honeywell Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "03/13/201901/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3401.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3401", "detail_available": true, "module_name": "Honeywell Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Honeywell Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3400", "Certificate Number": "3400", "Vendor Name": "Honeywell International Inc.", "Module Name": "Honeywell Inline Crypto Engine (SDCC)", "Module Type": "Hardware", "Validation Date": "03/13/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3400.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3400", "detail_available": true, "module_name": "Honeywell Inline Crypto Engine (SDCC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Honeywell Inline Crypto Engine (SDCC) high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3399", "Certificate Number": "3399", "Vendor Name": "Honeywell International Inc.", "Module Name": "Honeywell Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "03/13/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3399.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3399", "detail_available": true, "module_name": "Honeywell Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Honeywell Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3398", "Certificate Number": "3398", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 3504, 5520, and 8540 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "03/13/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3398.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3398", "detail_available": true, "module_name": "Cisco Systems 3504, 5520, and 8540 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3397", "Certificate Number": "3397", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE Smart Array Gen10 P-Class RAID Controllers", "Module Type": "Hardware", "Validation Date": "03/12/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3397.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3397", "detail_available": true, "module_name": "HPE Smart Array Gen10 P-Class RAID Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HP P-Class Smart Array RAID Controllers make up a family of serial-attached SCSI host bus adapters that provide intelligent control for storage array. The controllers can be card-based or embedded within an HP server, and provide a high speed data path, on-board storage cache, remote management, and encryption of data at rest, for the controlled storage arrays.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3396", "Certificate Number": "3396", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® DC HC530 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "03/12/201905/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3396.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3396", "detail_available": true, "module_name": "Ultrastar® DC HC530 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Western Digital self-encrypting 14TB Ultrastar® DC HC530 TCG Enterprise Hard-Disk drives meet or exceed the most demanding performance and security requirements. The Ultrastar® DC HC530, utilize fifth-generation HelioSeal technology. Designed to handle workloads up to 550TB per year, the CMR based Ultrastar® DC HC530 provides drop-in simplicity in enterprise and cloud data centers. TDMR technology and third-generation dual-stage microactuator work together to enhance head-positioning accuracy and deliver better performance, data integrity and overall drive reliability.", "algorithms": [ "DRBG", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3395", "Certificate Number": "3395", "Vendor Name": "PrimeKey Labs GmbH", "Module Name": "Secure Execution Environment (SEE) Loader", "Module Type": "Hardware", "Validation Date": "03/11/201908/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3395.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3395", "detail_available": true, "module_name": "Secure Execution Environment (SEE) Loader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Secure Execution Environment (SEE) Loader is a multi-system on a chip security module. This module provides a secure execution environment and the secure loading of applications. The SEE Loader provides an innovative hardware protection and ensures only authenticated and authorized applications are executed within the protected environment. Additional functionality for the SEE Loader is provided by PrimeKey and Vendor specific applications which have been digitally signed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3394", "Certificate Number": "3394", "Vendor Name": "Express Logic, Inc.", "Module Name": "NetX Crypto", "Module Type": "Software", "Validation Date": "03/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3394.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3394", "detail_available": true, "module_name": "NetX Crypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1.2 of the Security Policy. The output of the DRBG may not be used to generate keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NetX Crypto is a cryptographic library that provides general cryptographic algorithms to customer applications, as well as cryptographic support to other NetX Secure TLS, DTLS, and IPsec protocols. NetX Crypto is delivered as a static library with necessary header files. Complete source code is available upon request." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3393", "Certificate Number": "3393", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "Ruckus Wireless, Inc. R710, R610, R720, T610 and T710 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "03/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3393.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3393", "detail_available": true, "module_name": "Ruckus Wireless, Inc. R710, R610, R720, T610 and T710 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus Wireless, Inc. Wi-Fi, switching and software portfolio builds on more than a decade's worth of patented technologies to offer better connections that enable awesome customer experiences-at a fraction of the cost of alternatives. Our indoor and outdoor wireless access points fit just about any budget, performance requirement or deployment scenario.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3392", "Certificate Number": "3392", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series", "Module Type": "Hardware", "Validation Date": "03/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3392.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3392", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS-2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3391", "Certificate Number": "3391", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "03/06/201909/19/201910/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3391.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3391", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3390", "Certificate Number": "3390", "Vendor Name": "Bomgar Corporation", "Module Name": "Bomgar FIPS Remote Support Appliance", "Module Type": "Hardware", "Validation Date": "03/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3390.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3390", "detail_available": true, "module_name": "Bomgar FIPS Remote Support Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident labels and front bezel applied as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Bomgar Remote Support Appliances provide technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows collaborative remote support to various operating systems, including desktops, servers, mobile and network devices. In addition, Bomgar provides extensive auditing and recording of support sessions.", "algorithms": [ "AES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3389", "Certificate Number": "3389", "Vendor Name": "wolfSSL Inc.", "Module Name": "wolfCrypt", "Module Type": "Software", "Validation Date": "03/04/201905/31/201910/22/201901/06/202003/26/202004/22/202007/06/202008/27/202001/29/202103/24/202104/14/202108/30/202102/14/202203/14/202202/15/202304/26/202309/13/202301/26/202402/15/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3389.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3389", "detail_available": true, "module_name": "wolfCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "wolfCrypt module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3388", "Certificate Number": "3388", "Vendor Name": "Secret Double Octopus Ltd.", "Module Name": "Octopus Authentication Server Cryptographic Module", "Module Type": "Software", "Validation Date": "03/04/201902/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3388.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3388", "detail_available": true, "module_name": "Octopus Authentication Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #1747.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Octopus Authentication Server manages the authentication requests coming from the service provider and the connection to the application on the mobile device to get the user approval.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3387", "Certificate Number": "3387", "Vendor Name": "NetApp, Inc.", "Module Name": "NetApp CryptoMod", "Module Type": "Software", "Validation Date": "03/01/201909/13/201906/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3387.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3387", "detail_available": true, "module_name": "NetApp CryptoMod", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NetApp CryptoMod will be integrated into NetApp ONTAP releases for the purpose of supporting FIPS 140-2 compliant data-at-rest encryption and key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3386", "Certificate Number": "3386", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX240, MX480, MX960, MX2010, and MX2020 3D Universal Edge Routers with RE1800 Routing Engine and Multiservices MPC", "Module Type": "Hardware", "Validation Date": "02/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3386.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3386", "detail_available": true, "module_name": "Juniper Networks MX240, MX480, MX960, MX2010, and MX2020 3D Universal Edge Routers with RE1800 Routing Engine and Multiservices MPC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing platforms that provide industry leading system capacity, density, security and performance. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services. Multiservices MPC supports Layer 3 services such as stateful firewall, NAT, IPsec, active flow monitoring and RPM.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3385", "Certificate Number": "3385", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® NVMe FlashCore™ Module", "Module Type": "Hardware", "Validation Date": "02/28/201903/14/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3385.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3385", "detail_available": true, "module_name": "IBM® NVMe FlashCore™ Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 7 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IBM® NVMe FlashCore™ Module is a NVMe-connected self-encrypting non-volatile storage module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3384", "Certificate Number": "3384", "Vendor Name": "Google, Inc.", "Module Name": "Delta Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/27/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3384.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3384", "detail_available": true, "module_name": "Delta Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Titan Chip validated to FIPS 140-2 under Cert. #3382 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Delta Cryptographic Module is a Network Interface Card (NIC) housed on a host device, which is designed to support Ethernet and IP networking. The Delta module contains cryptographic hardware and firmware support, which allows data packets to be encrypted and decrypted using AES-GCM-128 at \"line rate\", while supporting a very large number of simultaneous Security Associations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3383", "Certificate Number": "3383", "Vendor Name": "Google, Inc.", "Module Name": "River Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3383.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3383", "detail_available": true, "module_name": "River Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Titan Chip validated to FIPS 140-2 under Cert. #3382 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The River Cryptographic Module is a Network Interface Card (NIC) housed on a host device, which is designed to support Ethernet and IP networking. The River module contains cryptographic hardware and firmware support, which allows data packets to be encrypted and decrypted using AES-GCM-128 at \"line rate\", while supporting a very large number of simultaneous Security Associations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3382", "Certificate Number": "3382", "Vendor Name": "Google, Inc.", "Module Name": "Titan Chip", "Module Type": "Hardware", "Validation Date": "03/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3382.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3382", "detail_available": true, "module_name": "Titan Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with River Cryptographic Module validated to FIPS 140-2 under Cert. #3383 or Delta Cryptographic Module validated to FIPS 140-2 under Cert. #3384 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Titan is a custom secure micro-controller. It can implement a variety of security, encryption, and cryptography protocols. The protocols are running on a secure processor on-chip, interfacing with a host using an API across a trusted SPI peripheral. It provides secure EEPROM Boot, using SPI pass-through technology that allows Titan to confirm authorship of Boot Code, ensuring code-signing before code swap is completed.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3381", "Certificate Number": "3381", "Vendor Name": "SideChannel Inc.", "Module Name": "Enclave Microsegmentation Platform", "Module Type": "Software", "Validation Date": "02/26/201906/04/202003/16/202105/11/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3381.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3381", "detail_available": true, "module_name": "Enclave Microsegmentation Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SideChannel's Enclave Microsegmentation Platform builds overlay networks, firewalls, and Zero Trust network permission models to create spaces where access is only granted to specified machines and users. These spaces, or micro-segments, are called Enclaves. Enclave was designed to make creating these accesses in a simple way without sacrificing security.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3380", "Certificate Number": "3380", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail 6.0", "Module Type": "Firmware", "Validation Date": "02/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3380.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3380", "detail_available": true, "module_name": "FortiMail 6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiMail family of email security appliances provide an effective barrier against the ever-rising volume of sophisticated spam and malware and includes features designed to facilitate regulatory compliance. FortiMail 6.0 offers both inbound and outbound scanning, advanced antispam and antimalware protection, content disarm and reconstruction, URI click protection, Advanced Threat Protection through integration with FortiSandbox in the cloud or on-prem, data leak prevention, identity based encryption and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3379", "Certificate Number": "3379", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX240, MX480, MX960, MX2010, and MX2020 3D Universal Edge Routers with RE-S-X6-64G/REMX2K-X8-64G Routing Engine and Multiservices MPC", "Module Type": "Hardware", "Validation Date": "02/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3379.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3379", "detail_available": true, "module_name": "Juniper Networks MX240, MX480, MX960, MX2010, and MX2020 3D Universal Edge Routers with RE-S-X6-64G/REMX2K-X8-64G Routing Engine and Multiservices MPC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing platforms that provide industry leading system capacity, density, security and performance. RE-S-X6-64G/REMX2K-X8-64G routing engines provide enhanced scaling and performance. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services. Multiservices MPC supports Layer 3 services such as stateful firewall, NAT, IPsec, active flow monitoring and RPM.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3378", "Certificate Number": "3378", "Vendor Name": "Unbound Tech", "Module Name": "Unbound Tech EKM Cryptographic Module", "Module Type": "Software", "Validation Date": "02/19/201904/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3378.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3378", "detail_available": true, "module_name": "Unbound Tech EKM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with two additional Unbound Tech EKM Cryptographic Modules with each EKM Cryptographic Module running in Entry mode, Pair mode, and Auxiliary mode as specified in Section 3.1 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Unbound's Enterprise Key Management (EKM) lets you manage and control keys working with any application. This pure-software solution is easy to deploy and maintain, while giving you unmatched levels of security and control for your crypto keys in the cloud. Based on Unbound vHSM technology, the keys are guaranteed to never appear in the clear, not even when generated or while at use - ensuring your most sensitive keys are kept private at all times." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3377", "Certificate Number": "3377", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "02/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3377.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3377", "detail_available": true, "module_name": "Zebra Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Zebra Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3376", "Certificate Number": "3376", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "02/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3376.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3376", "detail_available": true, "module_name": "Zebra Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Zebra Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3375", "Certificate Number": "3375", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra Inline Crypto Engine (SDCC)", "Module Type": "Hardware", "Validation Date": "02/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3375.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3375", "detail_available": true, "module_name": "Zebra Inline Crypto Engine (SDCC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Zebra Inline Crypto Engine (SDCC) high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3374", "Certificate Number": "3374", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/VM® Version 6 Release 4 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "02/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3374.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3374", "detail_available": true, "module_name": "IBM® z/VM® Version 6 Release 4 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3373", "Certificate Number": "3373", "Vendor Name": "Futurex", "Module Name": "GSP3000 Hardware Security Module", "Module Type": "Hardware", "Validation Date": "02/14/201903/20/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3373.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3373", "detail_available": true, "module_name": "GSP3000 Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The GSP3000 is a general purpose cryptographic module incorporated into multiple Futurex products to ensure data confidentiality, integrity, and authenticity. It is designed to meet and exceed compliance mandates and security best practices in environments requiring enterprise-class protection for sensitive information." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3372", "Certificate Number": "3372", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "02/12/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3372.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3372", "detail_available": true, "module_name": "Proofpoint Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides a variety of cryptographic services including SSH, HTTPs etc. .", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3371", "Certificate Number": "3371", "Vendor Name": "Geotab Inc.", "Module Name": "Geotab Cryptographic Module", "Module Type": "Firmware", "Validation Date": "02/12/201904/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3371.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3371", "detail_available": true, "module_name": "Geotab Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Single Chip", "description": "Geotab Cryptographic Module provides a library of functions to perform general purpose cryptographic services.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3370", "Certificate Number": "3370", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE-S-X6-64G/REMX2K-X8-64G/EX9200-RE2 Routing Engine", "Module Type": "Hardware", "Validation Date": "02/12/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3370.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3370", "detail_available": true, "module_name": "Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE-S-X6-64G/REMX2K-X8-64G/EX9200-RE2 Routing Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing platforms that provide industry leading system capacity,density,security and performance .RE-S-X6-64G/REMX2K-X8-64G routing engines provide enhanced scaling and performance. Juniper Networks EX9200 series Ethernet Switches provide high performance, scalable connectivity, and carrier-class reliability for high-density environments with a a full suite of Layer 2 and Layer 3 switching capabilities along with firewall filters, multicast, hardware tunneling and Qos.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3369", "Certificate Number": "3369", "Vendor Name": "Cord3 Innovation Inc.", "Module Name": "Cord3 Cryptographic Module", "Module Type": "Software", "Validation Date": "02/11/201903/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3369.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3369", "detail_available": true, "module_name": "Cord3 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section Secure Operation. When operated in FIPS Mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cord3 Cryptographic Module provides protection for individual information assets in support of data-centric security principles that ensure that creation of and access to content adheres to an organizational security policy. Information assets protected using the Cord3 Cryptographic Module are protected against accidental or malicious disclosure while supporting the need-to-share with relevant communities-of-interest.", "algorithms": [ "HMAC" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3368", "Certificate Number": "3368", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie IMB-S3 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "02/11/201911/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3368.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3368", "detail_available": true, "module_name": "Christie IMB-S3 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Christie IMB-S3 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a Christie digital cinema projector with the CineLife architecture. The IMB-S3 permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3367", "Certificate Number": "3367", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks QFX10002, QFX10008 and QFX10016", "Module Type": "Hardware", "Validation Date": "02/08/201903/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3367.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3367", "detail_available": true, "module_name": "Juniper Networks QFX10002, QFX10008 and QFX10016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2, 1.3 and 6 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The QFX10000 series of fixed and modular data center spine/core Ethernet switches deliver industry-leading scale, flexibility and openness providing seamless transition from 10GbE and 40GbE interface speeds to 100GbE. Based on our custom Q5 ASICs, these high-performance switches scale from 3 to 96 Tbps of throughput.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3366", "Certificate Number": "3366", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Cryptographic Module", "Module Type": "Software", "Validation Date": "02/07/201903/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3366.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3366", "detail_available": true, "module_name": "Proofpoint Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3273.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module is a cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides a variety of cryptographic services including SSH, HTTPs etc. .", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3365", "Certificate Number": "3365", "Vendor Name": "InfoSec Global Inc.", "Module Name": "AgileSec FIPS Module", "Module Type": "Software", "Validation Date": "02/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3365.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3365", "detail_available": true, "module_name": "AgileSec FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and the module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "AgileSec FIPS Module is a component of AgileSec SDK. It provides secure and optimized implementations of FIPS 140-2 approved cryptographic algorithms. The design of AgileSec SDK uses plug-and-play cryptographic providers, which are sets of cryptographic algorithms implemented to support various international or custom cryptographic standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3364", "Certificate Number": "3364", "Vendor Name": "Symantec & CA Technologies, a division of Broadcom", "Module Name": "Web Isolation Virtual Appliance", "Module Type": "Software", "Validation Date": "02/06/201903/15/202107/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3364.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3364", "detail_available": true, "module_name": "Web Isolation Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Web Isolation eliminates web threats and solves the challenge of providing secured access to the uncategorized and potentially risky web. Web Isolation creates a secure execution environment between users and the web. By executing web sessions remotely and only sending safe rendering information to users’ browsers, Web Isolation eliminates any web-borne threats from reaching user’s devices.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3363", "Certificate Number": "3363", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail-2000E/3000E", "Module Type": "Hardware", "Validation Date": "02/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3363.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3363", "detail_available": true, "module_name": "FortiMail-2000E/3000E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. No assurance of the minimum strength of generated keys.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiMail family of email security appliances provide an effective barrier against the ever-rising volume of sophisticated spam and malware and includes features designed to facilitate regulatory compliance. FortiMail 6.0 offers both inbound and outbound scanning, advanced antispam and antimalware protection, content disarm and reconstruction, URI click protection, Advanced Threat Protection through integration with FortiSandbox in the cloud or on-prem, data leak prevention, identity based encryption and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3362", "Certificate Number": "3362", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Software", "Validation Date": "02/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3362.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3362", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3361", "Certificate Number": "3361", "Vendor Name": "Google, Inc.", "Module Name": "Titan Security Key, Chip Boundary", "Module Type": "Hardware", "Validation Date": "02/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3361.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3361", "detail_available": true, "module_name": "Titan Security Key, Chip Boundary", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Implemented with Google's \"Titan\" secure microcontroller and custom firmware, the Titan Security Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3360", "Certificate Number": "3360", "Vendor Name": "Tandberg Data", "Module Name": "RDX SATA III", "Module Type": "Hardware", "Validation Date": "02/04/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3360.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3360", "detail_available": true, "module_name": "RDX SATA III", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The RDX QuikStor SATA III media-based removable storage system offers rugged, reliable and convenient storage for back-up, archive, data interchange and disaster recovery. The RDX SATA III drive provides AES-XTS 256 encryption to protect data on all RDX media", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3359", "Certificate Number": "3359", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643/PM1645 Series", "Module Type": "Hardware", "Validation Date": "02/04/201907/10/201907/10/201909/23/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3359.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3359", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643/PM1645 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1643 Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, RSA PSS-2048 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3358", "Certificate Number": "3358", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX4300 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "02/04/201903/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3358.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3358", "detail_available": true, "module_name": "Juniper Networks EX4300 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.3 and 6 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks EX4300 Ethernet Switches combine the carrier-class reliability with the economics of stackable platforms, delivering a high-performance, scalable solution for data center and campus office environments. Offering a full suite of Layer 2 and Layer 3 switching capabilities. EX4300 switches offer 24, 32 or 48-port 10/100/1000BASE-T with redundant, hot-swappable power supplies and Power over Ethernet (PoE). The EX 4300 family supports 1Gigabit and 10 Gigabit MACSec support in both FIPS mode and non FIPS mode of operation as of Junos release 17.4R1-S4.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3357", "Certificate Number": "3357", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "Module Type": "Hardware", "Validation Date": "02/04/201906/03/201908/28/201902/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3357.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3357", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3356", "Certificate Number": "3356", "Vendor Name": "VMware, Inc.", "Module Name": "VMware's Linux Cryptographic Module", "Module Type": "Software", "Validation Date": "02/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3356.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3356", "detail_available": true, "module_name": "VMware's Linux Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module VMware OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #2839 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Powering IPsec encryption and integrity in NSX Edge and NSX Controller is the VMware's Linux Cryptographic Module. The Tunnel mode of the Encapsulating Security Payload (ESP) protocol performed by an IPsec Service kernel stack, such as NETKEY, utilizes the VMware's Linux Cryptographic Module to encrypt, decrypt, and perform integrity checks on data entering and exiting the NSX Edge virtual appliance.", "algorithms": [ "AES", "DES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3355", "Certificate Number": "3355", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "Module Type": "Software", "Validation Date": "01/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3355.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3355", "detail_available": true, "module_name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Firepower Management Center Virtual working like the Firepower Management Center appliance aggregates and correlates network traffic information and performance data, assessing the impact of events on particular hosts. You can monitor the information that your device reports, and assess and control the overall activity that occurs on your network. The FMCv also controls the network management features on your devices: switching, routing, NAT and VPN.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3354", "Certificate Number": "3354", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "01/30/201909/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3354.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3354", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3353", "Certificate Number": "3353", "Vendor Name": "Okta, Inc.", "Module Name": "Okta Cryptographic Module for Java", "Module Type": "Software", "Validation Date": "01/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3353.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3353", "detail_available": true, "module_name": "Okta Cryptographic Module for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Okta Cryptographic Module for JavaMobile manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3352", "Certificate Number": "3352", "Vendor Name": "Silvus Technologies, Inc.", "Module Name": "SC4000 Series Mesh Radio", "Module Type": "Hardware", "Validation Date": "01/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3352.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3352", "detail_available": true, "module_name": "SC4000 Series Mesh Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "StreamCaster SC4200 and SC4400 series MIMO MANET radios provide wireless video, audio, and data connectivity. It is self-forming, self-healing, and automatically adapts to dynamic channels without the need of infastructure. The StreamCaster radio has a powerful built-in web based network management tool to facilitate monitoring and controlling of a large multi-hop network consisting of many StreamCaster radios.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3351", "Certificate Number": "3351", "Vendor Name": "Viasat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3351.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3351", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seal installed as indicated in the security policy for the optional ESEM feature", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Enhanced Bandwidth Efficient Modem (EBEM), MD-1366/U is a high-performance multi-input multi-output single channel per carrier (SCPC) satellite modem that converts multiple baseband digital input signals into multiple waveform intermediate frequencies (IF) and vice­versa. The EBEM is intended for use with Government and commercial satellite systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3350", "Certificate Number": "3350", "Vendor Name": "Beijing Sansec Technology Development Co., Ltd", "Module Name": "Sansec HSM", "Module Type": "Hardware", "Validation Date": "01/03/201911/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3350.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3350", "detail_available": true, "module_name": "Sansec HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Sansec Hardware Security Module (HSM) is a hardware cryptographic module that provides data encryption, data decryption, signature generation, signature verification, message digest, message authentication code (MAC), random number generation and key management services to business systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3349", "Certificate Number": "3349", "Vendor Name": "SECUREDATA, Inc.", "Module Name": "SecureDrive BT", "Module Type": "Hardware", "Validation Date": "01/02/201903/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3349.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3349", "detail_available": true, "module_name": "SecureDrive BT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware encrypted USB 3.0 SATA drive with Bluetooth interface for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3348", "Certificate Number": "3348", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux Unbreakable Enterprise Kernel (UEK) Cryptographic Module", "Module Type": "Software", "Validation Date": "01/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3348.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3348", "detail_available": true, "module_name": "Oracle Linux Unbreakable Enterprise Kernel (UEK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux NSS Cryptographic Module validated to FIPS 140-2 under Certs. #3111[1] and #3143[2] operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module provides general-purpose cryptographic services to the remainder of the Linux kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3347", "Certificate Number": "3347", "Vendor Name": "Certes Networks, Inc.", "Module Name": "Certes Enforcement Points", "Module Type": "Hardware", "Validation Date": "01/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3347.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3347", "detail_available": true, "module_name": "Certes Enforcement Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Certes Encryptors, or Certes Enforcement Points (CEP), are purpose-built encryption appliances that provide multi-layer data protection and application segmentation. CEP appliances provide Ethernet frame encryption for Layer 2 networks, IPsec encryption for Layer 3 networks, and data payload encryption for Layer 4 MPLS networks. CEPs operate transparently to the network infrastructure, which ensures all data is encrypted without impacting network performance.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KDF", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3346", "Certificate Number": "3346", "Vendor Name": "Futurex", "Module Name": "EXP1000 Hardware Security Module", "Module Type": "Hardware", "Validation Date": "12/21/201807/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3346.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3346", "detail_available": true, "module_name": "EXP1000 Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The EXP1000 is a general purpose cryptographic module incorporated into multiple Futurex products to ensure data confidentiality, integrity, and authenticity. It is designed to meet and exceed compliance mandates and security best practices in environments requiring enterprise-class protection for sensitive information." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3345", "Certificate Number": "3345", "Vendor Name": "Pure Storage, Inc.", "Module Name": "FlashBlade Data Encryption Module", "Module Type": "Hardware", "Validation Date": "12/21/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3345.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3345", "detail_available": true, "module_name": "FlashBlade Data Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The FlashBlade Data Encryption Module is a logical soft core within the FPGA that is responsible for performing AES-256 counter mode encryption or decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3344", "Certificate Number": "3344", "Vendor Name": "Okta, Inc.", "Module Name": "Okta Cryptographic Module for Mobile", "Module Type": "Software", "Validation Date": "12/17/201803/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3344.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3344", "detail_available": true, "module_name": "Okta Cryptographic Module for Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Okta Cryptographic Module for JavaMobile manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3343", "Certificate Number": "3343", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module", "Module Type": "Software", "Validation Date": "12/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3343.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3343", "detail_available": true, "module_name": "Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower Threat Defense (FTD) solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content security and secure unified communications. All running in a virtual environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3342", "Certificate Number": "3342", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "12/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3342.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3342", "detail_available": true, "module_name": "Oracle Linux 7 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3143 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 Kernel Crypto API Cryptographic Module provides general-purpose cryptographic services to the remainder of the Linux kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3341", "Certificate Number": "3341", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "12/17/201805/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3341.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3341", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 4.2 and operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3340", "Certificate Number": "3340", "Vendor Name": "Q Core Medical Ltd.", "Module Name": "SapphirePlus OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3340.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3340", "detail_available": true, "module_name": "SapphirePlus OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The SapphirePlus infusion system provides a targeted solution for the Hospira MedNet users in the hospital market, offering the outstanding performance, ease of use and reliability of the entire Sapphire product family, with special concern for the clinical and ambulatory environments, as well as the pre-hospital medical ground transportation. With Q Core’s advanced software version implemented, the SapphirePlus pump offers a complete integration of the Sapphire infusion pump with Hospira MedNet system, used in hospitals across the US.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3339", "Certificate Number": "3339", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL SMA Series v12.1 EX-9000, SMA 6200, SMA 7200", "Module Type": "Hardware", "Validation Date": "12/10/201804/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3339.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3339", "detail_available": true, "module_name": "SonicWALL SMA Series v12.1 EX-9000, SMA 6200, SMA 7200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SonicWall Software SMA 6200, SMA 7200 and SRA EX9000 are part of the SonicWall Security Solution Enterprise product family. They provide hardware appliance based VPN Virtual Private Network mobile access solutions to a wide variety of end user devices including Microsoft Windows, Apple OSX, Linux, Apple iOS, Google Android and Google Chromebook among others." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3338", "Certificate Number": "3338", "Vendor Name": "FileCloud", "Module Name": "FileCloud Cryptographic Module", "Module Type": "Software", "Validation Date": "12/07/201812/17/201803/03/202203/29/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3338.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3338", "detail_available": true, "module_name": "FileCloud Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FileCloud Cryptographic Module is a standards-based cryptographic engine for FileCloud Server. FileCloud Server is a hyper-secure content collaboration platform that enables enterprises to sync, share, and govern files from various external clients such as web browsers, native file synchronization clients, or mobile applications. The FileCloud Cryptographic Module for FileCloud Server provides robust encryption support for data in transit and at rest to enable best in class security of enterprise data.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3337", "Certificate Number": "3337", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX4600 Services Gateway", "Module Type": "Hardware", "Validation Date": "12/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3337.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3337", "detail_available": true, "module_name": "Juniper Networks SRX4600 Services Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SRX4600 is a high-performance, next-generation firewall supporting cloud-enabled enterprise data center, campus or service provider networks. It offers high-scale security services while providing scalability, ease of management, secure connectivity, and advanced threat mitigation capabilities.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3336", "Certificate Number": "3336", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks vSRX Virtual Firewall", "Module Type": "Software", "Validation Date": "12/03/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3336.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3336", "detail_available": true, "module_name": "Juniper Networks vSRX Virtual Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The vSRX delivers a complete and integrated virtual security solution, including unified threat management(UTM), intrusion detection and prevention (IDP), granular application control and robust networking. It provides seamless automated life cycle management capabilities making it an ideal solution for Service Providers, Cloud and Enterprise deployments. The vSRX supports Juniper Networks Contrail, OpenContrail, Openstack and other third-party solutions.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3335", "Certificate Number": "3335", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "12/03/201807/18/201904/29/202010/23/202003/02/202105/17/202108/03/202107/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3335.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3335", "detail_available": true, "module_name": "Oracle OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle OpenSSL FIPS Object Module is a software library providing a C language application program interface (API) for use by processes that require cryptographic services. It is implemented in products such as Oracle Solaris 11, Oracle Integrated Lights Out Manager (ILOM), and Oracle ZFS Storage Appliance.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3334", "Certificate Number": "3334", "Vendor Name": "Thales", "Module Name": "eToken 5300 Micro MD 4.3.5", "Module Type": "Hardware", "Validation Date": "11/29/201806/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3334.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3334", "detail_available": true, "module_name": "eToken 5300 Micro MD 4.3.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with IDPrime MD 830-revB", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "eToken 5300 is an ideal solution for enterprises looking to deploy the military-grade security of PKI, while maintaining a convenient solution for employees. The eToken 5300 is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication. Something you have (physical token), something you know (PIN), something you do (touching the token). The eToken 5300 is a state-of-the-art new design, which offers multi-application dynamic smart card functionality.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3333", "Certificate Number": "3333", "Vendor Name": "Nokia Corporation", "Module Name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCPCM)", "Module Type": "Software", "Validation Date": "11/28/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3333.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3333", "detail_available": true, "module_name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCPCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARCPCM) provides the cryptographic algorithm functions needed to allow SAR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3332", "Certificate Number": "3332", "Vendor Name": "Infoblox", "Module Name": "Infoblox Trinzic 825, Trinzic 1425, Trinzic 2225, Trinzic 4015 and Trinzic 4025 DDI Appliances", "Module Type": "Hardware", "Validation Date": "11/27/201802/19/201910/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3332.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3332", "detail_available": true, "module_name": "Infoblox Trinzic 825, Trinzic 1425, Trinzic 2225, Trinzic 4015 and Trinzic 4025 DDI Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3.4 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Infoblox Trinzic 825, Trinzic 1425, Trinzic 2225, Trinzic 4015 and Trinzic 4025 DDI Appliances enable customers to deploy large, robust, manageable and cost-effective Infoblox Grids. This next-generation solution enables distributed delivery of core network services (including DNS, DHCP, IPAM, TFTP, and FTP) with the nonstop availability and real-time service management required for today's 24x7 advanced IP networks and applications.", "algorithms": [ "CVL", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3331", "Certificate Number": "3331", "Vendor Name": "Nokia Corporation", "Module Name": "7705 SAR-OS SAR-A/M Cryptographic Module (SARCM)", "Module Type": "Software", "Validation Date": "11/21/201812/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3331.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3331", "detail_available": true, "module_name": "7705 SAR-OS SAR-A/M Cryptographic Module (SARCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 7705 SAR-OS SAR-A/M Cryptographic Module (SARCM) provides the cryptographic algorithm functions needed to allow SAR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3330", "Certificate Number": "3330", "Vendor Name": "Infoblox", "Module Name": "Infoblox Trinzic Virtual DDI Appliance", "Module Type": "Firmware", "Validation Date": "11/21/201802/28/201910/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3330.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3330", "detail_available": true, "module_name": "Infoblox Trinzic Virtual DDI Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3.4 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Infoblox Trinzic Virtual DDI Appliances enable customers to deploy large, robust, manageable and cost-effective Infoblox Grids. This next-generation solution enables distributed delivery of core network services (including DNS, DHCP, IPAM, TFTP, and FTP) with the nonstop availability and real-time service management required for today's 24x7 advanced IP networks and applications.", "algorithms": [ "CVL", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3329", "Certificate Number": "3329", "Vendor Name": "Realia Technologies, S.L.", "Module Name": "Cryptosec Dekaton", "Module Type": "Hardware", "Validation Date": "11/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3329.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3329", "detail_available": true, "module_name": "Cryptosec Dekaton", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and utilizing a Trusted Path as specified in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Cryptosec Dekaton is a high-end cryptographic accelerator card that provides cryptographic services and secure storage of cryptographic keys. The module is built to perform general cryptographic processing and features a tamper-responsive case to physically protect sensitive information contained within the card.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3328", "Certificate Number": "3328", "Vendor Name": "CardioNet, LLC", "Module Name": "Philips ECG Solutions Cryptographic Module", "Module Type": "Software", "Validation Date": "11/14/201811/20/201803/15/202209/26/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3328.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3328", "detail_available": true, "module_name": "Philips ECG Solutions Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Philips ECG Solutions Cryptographic Module is a standards-based, FIPS 140-2 compliant solution. The module features robust algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3327", "Certificate Number": "3327", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL TZ 300/TZ 300W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, SOHOW, SM 9200, SM 9400, SM 9600 and NSₐ 2650, NSₐ 3600, NSₐ 3650, NSₐ 4600, NSₐ 4650, NSₐ 5600, NSₐ 5650, NSₐ 6600, NSₐ 6650, NSₐ 9250, NSₐ 9450, NSₐ 9650", "Module Type": "Hardware", "Validation Date": "11/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3327.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3327", "detail_available": true, "module_name": "SonicWALL TZ 300/TZ 300W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, SOHOW, SM 9200, SM 9400, SM 9600 and NSₐ 2650, NSₐ 3600, NSₐ 3650, NSₐ 4600, NSₐ 4650, NSₐ 5600, NSₐ 5650, NSₐ 6600, NSₐ 6650, NSₐ 9250, NSₐ 9450, NSₐ 9650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SonicWall family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3326", "Certificate Number": "3326", "Vendor Name": "Fortanix, Inc.", "Module Name": "Self-Defending Key Management Service™", "Module Type": "Software", "Validation Date": "11/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3326.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3326", "detail_available": true, "module_name": "Self-Defending Key Management Service™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Fortanix Self-Defending Key Management Service™ (SDKMS) is the world’s first cloud service secured with Intel® SGX and built using Fortanix’s patented Runtime Encryption Technology. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, or any blob of data. You can integrate with SDKMS using legacy cryptographic interfaces or using its native RESTful interface. SDKMS ensures that you remain in complete control over your keys and secrets. It provides access control to users and applications to enforce authorized access to keys.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3325", "Certificate Number": "3325", "Vendor Name": "Bricata, Inc.", "Module Name": "Bricata Cryptographic Module", "Module Type": "Software", "Validation Date": "11/10/201803/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3325.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3325", "detail_available": true, "module_name": "Bricata Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bricata Cryptographic Module provides a trusted implementation of the core cryptographic functions used when securely communicating between our products, users and other systems.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3324", "Certificate Number": "3324", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "Module Type": "Hardware", "Validation Date": "11/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3324.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3324", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series, is a FIPS 140-2 Level 2 SSD (Solid State Drive), supporting TCG Enterprise SSC based SED (Self-Encrypting Drive) features, designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES HW engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3323", "Certificate Number": "3323", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "Module Type": "Hardware", "Validation Date": "11/07/201801/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3323.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3323", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C (TPM) is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key and random number generation. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.38, September 2016. See www.trustedcomputinggroup.org for further information on TCG and TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3322", "Certificate Number": "3322", "Vendor Name": "Thales", "Module Name": "eToken 5300 Mini MD 4.3.5", "Module Type": "Hardware", "Validation Date": "11/06/201806/07/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3322.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3322", "detail_available": true, "module_name": "eToken 5300 Mini MD 4.3.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode with IDPrime MD 830-revB", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "eToken 5300 is an ideal solution for enterprises looking to deploy the military-grade security of PKI, while maintaining a convenient solution for employees. The eToken 5300 is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication. Something you have (physical token), something you know (PIN), something you do (touching the token). The eToken 5300 is a state-of-the-art new design, which offers multi-application dynamic smart card functionality.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3321", "Certificate Number": "3321", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes X4 Hardware Security Module (HSM)", "Module Type": "Hardware", "Validation Date": "11/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3321.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3321", "detail_available": true, "module_name": "Pitney Bowes X4 Hardware Security Module (HSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The X4 HSM is a single chip cryptographic module using the Maxim MAX32590 hardware. The central purpose of the module is as a physical computing device that safeguards and manages cryptographic keys and provides cryptographic services to connected host devices. The module uses a number of strong identity based authentication mechanisms to provide authentication, integrity, and when necessary non-repudiation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3320", "Certificate Number": "3320", "Vendor Name": "Splunk, Inc.", "Module Name": "Splunk Phantom Cryptographic Module", "Module Type": "Software", "Validation Date": "11/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3320.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3320", "detail_available": true, "module_name": "Splunk Phantom Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Splunk Phantom Cryptographic Module is a statically linked object module, providing cryptographic functionality to Splunk’s Phantom series of applications. Phantom solutions provide security automation and orchestration functionality.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3319", "Certificate Number": "3319", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX1500, SRX4100 and SRX4200 Services Gateways", "Module Type": "Hardware", "Validation Date": "11/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3319.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3319", "detail_available": true, "module_name": "Juniper Networks SRX1500, SRX4100 and SRX4200 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SRX1500, SRX4100, SRX4200 Service Gateways offer outstanding protection, performance, scalability, availability, and integrated security services. Designed for high-performance security services architecture, and seamless integration of networking and security in a single platform, the SRX1500, SRX4100, and SRX4200 are best suited for campuses, regional headquarters and enterprise data centers with a focus on application visibility and control, intrusion prevention, advanced threat protection, authentication, confidentiality of information, and integrated cloud-based security.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3318", "Certificate Number": "3318", "Vendor Name": "Google, Inc.", "Module Name": "BoringCrypto", "Module Type": "Software", "Validation Date": "11/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3318", "detail_available": true, "module_name": "BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3317", "Certificate Number": "3317", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint Next Generation Firewall", "Module Type": "Hardware", "Validation Date": "11/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3317.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3317", "detail_available": true, "module_name": "Forcepoint Next Generation Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured as specified in the section 3 Secure Operation of the Security Policy with tamper evident labels SKU ACFIPS3 Forcepoint NGFW FIPS Kit installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Forcepoint NGFW is a next generation firewall that blocks malicious attacks and prevents the theft of data and intellectual property while transforming infrastructure and increasing the efficiency of your operations. With Forcepoint NGFW, painlessly handle the rapid shift to encrypted transmissions for both incoming and outgoing traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3315", "Certificate Number": "3315", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense on ASA Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3315.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3315", "detail_available": true, "module_name": "Cisco Firepower Threat Defense on ASA Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the functions of ASA and FirePOWER deployed on Cisco Firepower 4100 Series and the Firepower 9300 appliances as well the FTD can be also be deployed on Cisco Firepower Threat Defense (FTD) ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3314", "Certificate Number": "3314", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Flash Module Drive HDE", "Module Type": "Hardware", "Validation Date": "10/23/201811/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3314.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3314", "detail_available": true, "module_name": "Hitachi Flash Module Drive HDE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Hitachi Flash Module Drive HDE provides the cryptographic functionality for Hitachi storage.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3313", "Certificate Number": "3313", "Vendor Name": "Ixia, a Keysight Business", "Module Name": "Ixia Cryptographic Module for OpenSSL", "Module Type": "Software", "Validation Date": "10/23/201812/11/201801/31/201905/28/202009/18/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3313.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3313", "detail_available": true, "module_name": "Ixia Cryptographic Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ixia, a Keysight business, Cryptographic Module for OpenSSL is integrated into Ixia's network visibility platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3312", "Certificate Number": "3312", "Vendor Name": "Texas Instruments, Inc.", "Module Name": "TI SimpleLink WiFi Networking Subsystem Crypto Module", "Module Type": "Firmware-Hybrid", "Validation Date": "10/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3312.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3312", "detail_available": true, "module_name": "TI SimpleLink WiFi Networking Subsystem Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module TI SimpleLink WiFi MCU HW Crypto Engines Module validated to FIPS 140-2 under Cert. #3272 operating in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Single Chip", "description": "The TI SimpleLink Wi-Fi Family brings highly secured connectivity solutions for embedded Wi-Fi and Internet of Things applications. It consists of a Wi-Fi network and security processor subsystem, a Wi-Fi driver, multiple internet protocols in ROM and ARM Cortex-M4 application microcontroller with a rich set of peripherals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3311", "Certificate Number": "3311", "Vendor Name": "Ixia, a Keysight Business", "Module Name": "Ixia Cryptographic Module for Network Visibility", "Module Type": "Software", "Validation Date": "10/23/201803/07/201905/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3311.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3311", "detail_available": true, "module_name": "Ixia Cryptographic Module for Network Visibility", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3152.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Ixia, a Keysight business, Cryptographic Module for Network Visibility is integrated into Ixia's Vision portfolio of network packet brokers (NPBs) to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3310", "Certificate Number": "3310", "Vendor Name": "Gemalto", "Module Name": "IDCore 3130 Platform", "Module Type": "Hardware", "Validation Date": "10/23/201810/25/201806/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3310.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3310", "detail_available": true, "module_name": "IDCore 3130 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDCore 3130 is a highly secured smartcard platform with dual interfaces compliant with Javacard 3.0.5, Global Platform 2.2.1 standards, designed to operate with Infineon SLE78 chip (M7892). The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF CMAC-AES, KAS OnePassDH and SP800-90A RNG algorithms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3309", "Certificate Number": "3309", "Vendor Name": "SafeLogic, Inc.", "Module Name": "CryptoComply", "Module Type": "Software", "Validation Date": "10/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3309.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3309", "detail_available": true, "module_name": "CryptoComply", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3308", "Certificate Number": "3308", "Vendor Name": "Giesecke+Devrient Mobile Security GmbH", "Module Name": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0", "Module Type": "Hardware", "Validation Date": "10/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3308.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3308", "detail_available": true, "module_name": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with module Sm@rtCafé Expert 7.0 validated to FIPS 140-2 under Cert. #2327 operating in FIPS mode.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "StarSign PIV Applet V 1.0 on Giesecke+Devrient Sm@rtCafé Expert 7.0 provides authentication, encryption, and digital signature cryptographic services and is intended for general use. Sm@rtCafé Expert 7.0 is a Smart Card based on Java Card and GlobalPlatform Technology. Sm@rtCafé Expert 7.0 conforms to Java Card Classic Platform Specification 3.0.4 and GlobalPlatform Card Specification Version 2.2.1 supporting Secure Channel Protocol 03, Card Specification V2.2 Amendment D. The product is suitable for government and corporate identification, payment and banking, health care and authentication.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3307", "Certificate Number": "3307", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "Module Type": "Hardware", "Validation Date": "10/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3307.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3307", "detail_available": true, "module_name": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung NVMe TCG Opal SSC SEDs PM1723b Series are a high-performance Self-Encrypting SSDs supporting NVMe Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3306", "Certificate Number": "3306", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FTD FX-OS on 4K/9K Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3306.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3306", "detail_available": true, "module_name": "Cisco FTD FX-OS on 4K/9K Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module Cisco Firepower Threat Defense on 4K/9K Cryptographic Module validated to FIPS 140-2 under Cert. #3287 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "This Cisco Firepower eXtensible Operating System (FX-OS) is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, built for scalability, consistent control, and simplified management. The FX-OS provides provides high performance, flexible input/output configurations, and scalability. A graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features. A command-based interface for configuring features, monitoring chassis status, and accessing advanced troublesho", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3305", "Certificate Number": "3305", "Vendor Name": "128 Technology", "Module Name": "128 Technology Cryptographic Module", "Module Type": "Software", "Validation Date": "10/18/201803/16/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3305.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3305", "detail_available": true, "module_name": "128 Technology Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 128T Networking Platform is a software-based, distributed routing and network services solution. The 128T Networking Platform uses Secure Vector Routing to simplify network architectures and provide fine-grained, end-to-end control and visibility. 128T runs on general-purpose computer and allows a wide range of deployment models - from remote branch offices to high-capacity network edges to hyper-scale data centers. The platform enables greater security and agility by distributing intelligence throughout the network - without disrupting your existing network infrastructure.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3304", "Certificate Number": "3304", "Vendor Name": "Mirantis, Inc.", "Module Name": "Mirantis Crypto Library", "Module Type": "Software", "Validation Date": "10/17/201802/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3304.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3304", "detail_available": true, "module_name": "Mirantis Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When configured and initialized as specified in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mirantis Cryptographic Library provides the cryptographic functionality necessary to support TLS-secured communications between Datacenter components, users, and external IT entities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3303", "Certificate Number": "3303", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE SimpliVity OmniStack Crypto Library", "Module Type": "Software", "Validation Date": "10/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3303.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3303", "detail_available": true, "module_name": "HPE SimpliVity OmniStack Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by the available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The module consists of a cryptographic library based on the OpenSSL FIPS Canister (OpenSSL FIPS Object Module version 2.0.13). It is compiled into object form (fipscanister.o for Linux-based systems, fipscanister.lib on Windows-based systems) and then statically linked to an instance of the OpenSSL version 1.0.2k libcrypto library at build-time. The OpenSSL libcrypto library is then linked to the calling application (dynamically linked on Linux, statically linked on Windows), which is loaded into memory for execution by the operating system loader." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3302", "Certificate Number": "3302", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "Module Type": "Hardware", "Validation Date": "10/15/201802/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3302.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3302", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3301", "Certificate Number": "3301", "Vendor Name": "Thales", "Module Name": "SafeNet PCIe Cryptographic Module for SafeNet IS", "Module Type": "Hardware", "Validation Date": "10/15/201812/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3301.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3301", "detail_available": true, "module_name": "SafeNet PCIe Cryptographic Module for SafeNet IS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "SafeNet PCIe Cryptographic Module for SafeNet IS cryptographic module features powerful cryptographic processing and hardware key management for applications where performance and security are the priority. The multi-chip embedded hardware cryptographic module offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3300", "Certificate Number": "3300", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "10/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3300.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3300", "detail_available": true, "module_name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module. The primitive provider functionality is offered through one cryptographic module, BCRYPT.DLL (version 7.00.2883), subject to FIPS 140-2 validation. BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Embedded Compact 7 components and applications running on Windows Embedded Compact 7." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3299", "Certificate Number": "3299", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7450 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "10/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3299.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3299", "detail_available": true, "module_name": "FastIron ICX™ 7450 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When assembled as per Security Policy Table 3, and configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7450 delivers unprecedented scale-out density with enterprise-class availability. With SDN support, a service module for IPsec VPN, and 40 GbE ports for uplinks all in a stackable design, these switches enable services to be added anywhere in the network.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3298", "Certificate Number": "3298", "Vendor Name": "Nuix USG Inc.", "Module Name": "NuixCrypt", "Module Type": "Software", "Validation Date": "10/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3298.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3298", "detail_available": true, "module_name": "NuixCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NuixCrypt is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "HMAC", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3297", "Certificate Number": "3297", "Vendor Name": "SECUREDATA, Inc.", "Module Name": "SecureDrive KP", "Module Type": "Hardware", "Validation Date": "09/27/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3297.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3297", "detail_available": true, "module_name": "SecureDrive KP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Hardware encrypted USB 3.0 SATA drive with integrated keypad for authentication and configuration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3296", "Certificate Number": "3296", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7650 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "09/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3296.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3296", "detail_available": true, "module_name": "FastIron ICX™ 7650 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When configured in FIPS Approved Mode as per Security Policy Section 8", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7650 Switch is designed to meet the new challenges of the multigigabit wireless era. It delivers non-blocking performance, high availability, and scalability with Multigigabit Ethernet access (2.5/5/10GbE), high PoE output with 802.3bt** support as well as 10 Gigabit Ethernet Aggregation and 40/100GbE uplink options.", "algorithms": [ "AES", "DES", "DSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3295", "Certificate Number": "3295", "Vendor Name": "iStorage Ltd.", "Module Name": "iStorage diskAshur PRO² Level 2 Secure Storage Drive", "Module Type": "Hardware", "Validation Date": "09/26/201810/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3295.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3295", "detail_available": true, "module_name": "iStorage diskAshur PRO² Level 2 Secure Storage Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "diskAshur PRO² Level 2 is a portable USB 3.1 hard drive with real-time AES-XTS 256-bit hardware encryption and super-fast data transfer. An easy-to-use keypad enables secure access with unique 7-15 digit PINs and software-free setup and operation. The diskAshur PRO² is platform/device independent. The GDPR compliant diskAshur PRO² has a dedicated secure microprocessor (Common Criteria EAL4+ ready), employing built-in physical protection mechanisms to defend against external tamper, bypass attacks and more. All critical components are covered by super tough epoxy resin.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3294", "Certificate Number": "3294", "Vendor Name": "iStorage Ltd.", "Module Name": "iStorage FIPS 140-2 Level 2 Module Rev 1.0", "Module Type": "Hardware", "Validation Date": "09/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3294.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3294", "detail_available": true, "module_name": "iStorage FIPS 140-2 Level 2 Module Rev 1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "iStorage FIPS 140-2 Module is a portable USB 3.1 module with real-time AES-XTS 256-bit hardware encryption and super-fast data transfer. An easy-to-use keypad interface enables secure access with unique 7-15 digit PINs and software-free setup and operation. The module is platform/device independent. The GDPR compliant module has a dedicated secure microprocessor (Common Criteria EAL4+ ready), employing built-in physical protection mechanisms to defend against external tamper, bypass attacks and more. All critical components are covered by super tough epoxy resin.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3293", "Certificate Number": "3293", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "09/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3293.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3293", "detail_available": true, "module_name": "Red Hat Enterprise Linux Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "With module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3270 operating in FIPS mode and Red Hat Enterprise Linux OpenSSL Module validated to FIPS 140-2 under Cert. #3016 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Red Hat Enterprise Linux Libreswan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3292", "Certificate Number": "3292", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "09/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3292.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3292", "detail_available": true, "module_name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3270 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 7 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3291", "Certificate Number": "3291", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "09/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3291.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3291", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3290", "Certificate Number": "3290", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Crypto Sub-Chip", "Module Type": "Hardware", "Validation Date": "09/21/201810/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3290.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3290", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Crypto Sub-Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The KIOXIA TCG Enterprise SSC Crypto Sub-Chip is used for solid state drive data security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3289", "Certificate Number": "3289", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL TZ 300/TZ 300W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, SOHOW, SM 9200, SM 9400, SM 9600 and NSₐ 2650, NSₐ 3600, NSₐ 3650, NSₐ 4600, NSₐ 4650, NSₐ 5600, NSₐ 5650, NSₐ 6600", "Module Type": "Hardware", "Validation Date": "09/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3289.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3289", "detail_available": true, "module_name": "SonicWALL TZ 300/TZ 300W, TZ 400/TZ 400W, TZ 500/TZ 500W, TZ 600, SOHOW, SM 9200, SM 9400, SM 9600 and NSₐ 2650, NSₐ 3600, NSₐ 3650, NSₐ 4600, NSₐ 4650, NSₐ 5600, NSₐ 5650, NSₐ 6600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SonicWall family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3288", "Certificate Number": "3288", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NFX250 Network Services Platform", "Module Type": "Hardware", "Validation Date": "09/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3288.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3288", "detail_available": true, "module_name": "Juniper Networks NFX250 Network Services Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "NFX250 Network Services Platform are Juniper Network’s secure, automated, software-driven customer premises equipment (CPE) devices that deliver virtualized network and security services on demand. Leveraging Network Functions Virtualization (NFV) and built on the Juniper Cloud CPE solution, NFX250 enables service providers to deploy and service chain multiple, secure, high-performance virtualized network functions (VNFs) as a single device. This automated, software-driven solution dynamically provisions new services on demand.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3287", "Certificate Number": "3287", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense on 4K/9K Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/18/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3287.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3287", "detail_available": true, "module_name": "Cisco Firepower Threat Defense on 4K/9K Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the function of ASA and FirePOWER in one platform. This consolidates next-generation firewall, including stateful firewalling, routing, Next-Generation Intrusion Prevention System (NGIPS), Application Visibility and Control (AVC), URL filtering, and Advanced Malware Protection (AMP).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3286", "Certificate Number": "3286", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliances Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3286.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3286", "detail_available": true, "module_name": "Cisco Adaptive Security Appliances Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco Firepower Cryptographic Module validated to FIPS 140-2 under Cert. #3261 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Enterprise-class firewall capabilities for the ASA devices in an array of form factors - standalone appliances tailor-made for small and midsize businesses, midsize appliances for businesses improving security . This solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3285", "Certificate Number": "3285", "Vendor Name": "Unisys Corporation", "Module Name": "Unisys OS 2200 Cryptographic Library", "Module Type": "Software", "Validation Date": "09/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3285.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3285", "detail_available": true, "module_name": "Unisys OS 2200 Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Unisys OS 2200 Cryptographic Library provides Unisys OS 2200 programs with access to FIPS-approved cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3284", "Certificate Number": "3284", "Vendor Name": "Berryville Holdings, LLC", "Module Name": "Cryptographic Module for Fognigma", "Module Type": "Software", "Validation Date": "09/12/201810/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3284.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3284", "detail_available": true, "module_name": "Cryptographic Module for Fognigma", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Module for Fognigma is a general purpose cryptographic module integrated in the Fognigma platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information. This module provides the cryptographic services that are used by the Fognigma platform to generate its Virtual Private Network (VPN).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3283", "Certificate Number": "3283", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "09/12/201803/29/201908/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3283.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3283", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3282", "Certificate Number": "3282", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE LTO-7 and LTO-8 Encrypting Tape Drive", "Module Type": "Hardware", "Validation Date": "09/12/201804/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3282.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3282", "detail_available": true, "module_name": "HPE LTO-7 and LTO-8 Encrypting Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE LTO-7 and LTO-8 Ultrium tape drives represent Hewlett Packard Enterprise's seventh and eight generations of LTO tape drive technology, capable of storing up to 15TB (LTO-7 compressed 2.5:1) and 30TB (LTO-8 compressed 2.5:1) per cartridge while providing AES 256-bit hardware data encryption to protect the most sensitive data and prevent unauthorized access of tape cartridges. Capable of data transfer rates up to 300 MB/sec (native), its Speed Matching feature further optimizes performance by matching the speed of the host to keep drives streaming and increase the reliability of the drive and media. The HPE LTO-7 and LTO-8 Ultrium tape drives are available as standalone internal and desktop devices or for integration into HPE MSL autoloaders and tape libraries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3281", "Certificate Number": "3281", "Vendor Name": "Mojo Networks, Inc.", "Module Name": "Mojo Wireless Manager", "Module Type": "Firmware", "Validation Date": "09/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3281.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3281", "detail_available": true, "module_name": "Mojo Wireless Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module transmits policy and configuration information to wireless access points, wireless intrusion protection sensors, switches and traffic gateway that are deployed on the network. It receives, stores and processes information about network performance and security from the edge devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3280", "Certificate Number": "3280", "Vendor Name": "Cavium Inc.", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Software", "Validation Date": "09/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3280.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3280", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per the Security Policy. This validation entry is a non-security-relevant modification to Cert. #3248", "module_type": "Software", "embodiment": "Multi-Chip Embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The HSM family of offers up to 9000 RSA 2k-bit operations per second and 5 Gbps of bulk crypto." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3279", "Certificate Number": "3279", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Board", "Module Type": "Hardware", "Validation Date": "09/04/201803/21/201903/30/202009/01/202112/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3279.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3279", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 8.1 and 8.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Board provides high speed data at rest encryption for Hitachi storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3278", "Certificate Number": "3278", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Module", "Module Type": "Hardware", "Validation Date": "09/04/201802/07/201903/21/201903/30/202009/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3278.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3278", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Module provides high speed data at rest encryption for Hitachi storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3277", "Certificate Number": "3277", "Vendor Name": "Ruckus Wireless, Inc.", "Module Name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "Module Type": "Hardware", "Validation Date": "09/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3277.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3277", "detail_available": true, "module_name": "FastIron ICX™ 7750, ICX™ 7250 and ICX™ 7150 Series Switch/Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Ruckus ICX 7750 delivers chassis performance in the network’s aggregation and core switching operations. The Ruckus ICX 7250 delivers stand-out performance and flexibility, and SDN readiness that cost-effectively scales as demands grow and new technologies emerge. The Ruckus ICX 7150 combines enterprise-class switching features with high performance at entry-level price.The ICX 7150 family of switches are in available in three formats: standard, Z-Series with Multigigabit support, and compact.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3276", "Certificate Number": "3276", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "Module Type": "Software", "Validation Date": "08/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3276.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3276", "detail_available": true, "module_name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The virtualized offering of the Cisco FirePOWER next-generation IPS (NGIPS) solution providing the Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. This virtualized highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3275", "Certificate Number": "3275", "Vendor Name": "Centrify Corporation", "Module Name": "Centrify Cryptographic Module", "Module Type": "Software", "Validation Date": "08/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3275.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3275", "detail_available": true, "module_name": "Centrify Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Centrify Cryptographic Module is a general purpose cryptographic library. The Centrify Cryptographic Module provides the cryptographic services for all Centrify products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3274", "Certificate Number": "3274", "Vendor Name": "iStorage Ltd.", "Module Name": "iStorage diskAshur PRO² Level 3 Secure Storage Drive", "Module Type": "Hardware", "Validation Date": "08/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3274.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3274", "detail_available": true, "module_name": "iStorage diskAshur PRO² Level 3 Secure Storage Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "diskAshur PRO² is a portable USB 3.1 hard drive with real-time AES-XTS 256-bit hardware encryption and super-fast data transfer. An easy-to-use keypad enables secure access with unique 7-15 digit PINs and software-free setup and operation. The diskAshur PRO² is platform/device independent. The GDPR compliant diskAshur PRO² has a dedicated secure microprocessor (Common Criteria EAL4+ ready), employing built-in physical protection mechanisms to defend against external tamper, bypass attacks and more. All critical components are covered by super tough epoxy resin.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3272", "Certificate Number": "3272", "Vendor Name": "Texas Instruments, Inc.", "Module Name": "TI SimpleLink WiFi MCU HW Crypto Engines Module", "Module Type": "Hardware", "Validation Date": "08/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3272.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3272", "detail_available": true, "module_name": "TI SimpleLink WiFi MCU HW Crypto Engines Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TI SimpleLink Wi-Fi Family brings highly secured connectivity solutions for embedded Wi-Fi and Internet of Things applications. It consists of a Wi-Fi network and security processor subsystem, a Wi-Fi driver, multiple internet protocols in ROM and ARM Cortex-M4 application microcontroller with a rich set of peripherals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3271", "Certificate Number": "3271", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® SS300 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "08/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3271.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3271", "detail_available": true, "module_name": "Ultrastar® SS300 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Ultrastar® Self-Encrypting TCG Enterprise drives meet or exceed the most demanding performance and security requirements. The Ultrastar SS300 solid-state TCG Enterprise 2.5-inch SAS drive supports multiple TLC capacities, a 12 Gbps SAS-3 Interface and multiple Drive Write Day rates.", "algorithms": [ "DRBG", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3270", "Certificate Number": "3270", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "08/29/201806/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3270.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3270", "detail_available": true, "module_name": "Red Hat Enterprise Linux NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3269", "Certificate Number": "3269", "Vendor Name": "IBM Corporation", "Module Name": "AIX FIPS Crypto Module for OpenSSL", "Module Type": "Software", "Validation Date": "08/28/201809/18/201809/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3269.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3269", "detail_available": true, "module_name": "AIX FIPS Crypto Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AIX FIPS Crypto Module for OpenSSL is based on the OpenSSL FIPS Object Module. The AIX FIPS Crypto Module for OpenSSL is supported on AIX for the Power 7, Power 8 and Power 9 platforms.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3268", "Certificate Number": "3268", "Vendor Name": "Gemalto", "Module Name": "SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM", "Module Type": "Hardware", "Validation Date": "08/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3268.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3268", "detail_available": true, "module_name": "SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3267", "Certificate Number": "3267", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliance (ASA) Virtual", "Module Type": "Software", "Validation Date": "08/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3267.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3267", "detail_available": true, "module_name": "Cisco Adaptive Security Appliance (ASA) Virtual", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA Virtual Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3266", "Certificate Number": "3266", "Vendor Name": "HID Global Corporation", "Module Name": "HID Global Cryptographic Module", "Module Type": "Software", "Validation Date": "08/23/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3266.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3266", "detail_available": true, "module_name": "HID Global Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "HID Global Cryptographic Module is a cryptographic engine for mobile devices. The module delivers core cryptographic functions to some of HID Global’s mobile app solutions for multifactor authentication - such as the HID Approve mobile app and HID Approve mobile SDK.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3265", "Certificate Number": "3265", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® DC HC310 and Ultrastar® DC HC320 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "08/23/201810/25/201801/31/201904/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3265.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3265", "detail_available": true, "module_name": "Ultrastar® DC HC310 and Ultrastar® DC HC320 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Self-encrypting Ultrastar® DC HC310 and Ultrastar DC HC320 TCG Enterprise 12Gb/s SAS Hard-Disk drives, from Western Digital, meet or exceed the most demanding performance and security requirements. The Ultrastar DC HC310 and Ultrastar DC HC320 use PMR technology. They are drop-in ready for any entrance-capacity application or environment. Targeted at 2M hours MTBF, the Ultrastar DC HC310 and Ultrastar DC HC320 provides the highest reliability rating available of all HDDs on the market today.", "algorithms": [ "DRBG", "HMAC", "KDF", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3264", "Certificate Number": "3264", "Vendor Name": "MediaTek Inc.", "Module Name": "MediaTek CryptoCore", "Module Type": "Firmware-Hybrid", "Validation Date": "08/20/201808/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3264.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3264", "detail_available": true, "module_name": "MediaTek CryptoCore", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Single Chip", "description": "MediaTek CryptoCore is a firmware hybrid cryptographic module providing foundational security services for the platform, including secure boot, secure life cycle state, platform identity and key management. It offers high-throughput cryptography operations, suitable for a diverse set of use cases." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3263", "Certificate Number": "3263", "Vendor Name": "ARM LIMITED", "Module Name": "ARM® TrustZone® CryptoCell-712", "Module Type": "Firmware-Hybrid", "Validation Date": "08/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3263.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3263", "detail_available": true, "module_name": "ARM® TrustZone® CryptoCell-712", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Single Chip", "description": "Arm TrustZone CryptoCell is a security engine with root of trust and cryptographic accelerator capabilities. It is provided to customers as Silicon IP and accompanying firmware. Arm partners integrate the silicon into the host CPU hardware, and use the firmware to drive the silicon and provide high-level functions" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3262", "Certificate Number": "3262", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "08/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3262.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3262", "detail_available": true, "module_name": "TCT Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3261", "Certificate Number": "3261", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Cryptographic Module", "Module Type": "Firmware", "Validation Date": "08/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3261.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3261", "detail_available": true, "module_name": "Cisco Firepower Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module is designed to help you handle network traffic in a way that complies with your organization's security policy for protecting your network. The system can affect the flow of traffic using access control, which allows you to specify, in a granular fashion, how to handle the traffic entering, exiting, and traversing your network. All the information gathered from it can be used to filter and control that traffic.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3260", "Certificate Number": "3260", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3260.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3260", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3259", "Certificate Number": "3259", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Embedded Module and Embedded Module Lite", "Module Type": "Hardware", "Validation Date": "08/13/201812/12/201804/08/201901/12/202108/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3259.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3259", "detail_available": true, "module_name": "Embedded Module and Embedded Module Lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to overall level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Embedded Module, Embedded Module Lite, and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infrastructure. The Embedded Module and Embedded Module Lite are designed to be integrated into many types of systems, including UGVs, UAVs, and sensors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3258", "Certificate Number": "3258", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Threat Defense on Cisco Firepower 2100 Series Appliances", "Module Type": "Hardware", "Validation Date": "08/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3258.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3258", "detail_available": true, "module_name": "Cisco Firepower Threat Defense on Cisco Firepower 2100 Series Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shield installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3256", "Certificate Number": "3256", "Vendor Name": "Nokia Corporation", "Module Name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Data Plane Cryptographic Module (SARDPCM)", "Module Type": "Firmware", "Validation Date": "08/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3256.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3256", "detail_available": true, "module_name": "7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Data Plane Cryptographic Module (SARDPCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The 7705 SAR-OS SAR-18/8/X/Ax/Wx/W/H/Hc Control Plane Cryptographic Module (SARDPCM) provides the cryptographic algorithm functions needed to allow SAR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3255", "Certificate Number": "3255", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.4", "Module Type": "Software-Hybrid", "Validation Date": "08/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3255.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3255", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The hardware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3254", "Certificate Number": "3254", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "08/02/201808/17/201810/09/201801/30/201904/02/201906/13/201907/15/201907/18/201908/12/201911/18/201907/01/202007/10/202012/01/202007/06/202107/09/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3254.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3254", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per Section 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3253", "Certificate Number": "3253", "Vendor Name": "iStorage Ltd.", "Module Name": "iStorage FIPS 140-2 Level 3 Module Rev 1.0", "Module Type": "Hardware", "Validation Date": "08/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3253.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3253", "detail_available": true, "module_name": "iStorage FIPS 140-2 Level 3 Module Rev 1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "iStorage FIPS 140-2 Module is a portable USB 3.1 module with real-time AES-XTS 256-bit hardware encryption and super-fast data transfer. An easy-to-use keypad interface enables secure access with unique 7-15 digit PINs and software-free setup and operation. The module is platform/device independent. The GDPR compliant module has a dedicated secure microprocessor (Common Criteria EAL4+ ready), employing built-in physical protection mechanisms to defend against external tamper, bypass attacks and more. All critical components are covered by super tough epoxy resin.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3251", "Certificate Number": "3251", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower 2100 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3251.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3251", "detail_available": true, "module_name": "Cisco Firepower 2100 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3250", "Certificate Number": "3250", "Vendor Name": "", "Module Name": "", "Module Type": "Software", "Validation Date": "07/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3250.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3250", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Software", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3249", "Certificate Number": "3249", "Vendor Name": "HID Global and Gemalto", "Module Name": "HID Global ActivID Applet Suite v2.7.4 on Gemalto TOPDLv2.1", "Module Type": "Hardware", "Validation Date": "07/27/201811/23/201805/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3249.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3249", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.7.4 on Gemalto TOPDLv2.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the TOPDLv2.1 Platform", "module_type": "Hardware", "embodiment": "Single Chip", "description": "HID Global ActivID Applet v2.7.4 is a Java Card applet suite that uses the Gemalto TOPDLv2.1 operating system. The product can be used over contact and contactless interfaces and can be configured for support of GSC-IS v2.1 and PIV standards (NIST SP 800-73-4 and SP 800-78-4).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3248", "Certificate Number": "3248", "Vendor Name": "Cavium Inc.", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "07/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3248.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3248", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized and configured per the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The HSM family of offers up to 9000 RSA 2k-bit operations per second and 5 Gbps of bulk crypto." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3247", "Certificate Number": "3247", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX345/SRX345-DUAL-AC with Junos 15.1X49-D110", "Module Type": "Hardware", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3247.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3247", "detail_available": true, "module_name": "Juniper Networks SRX345/SRX345-DUAL-AC with Junos 15.1X49-D110", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3246", "Certificate Number": "3246", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "Module Type": "Hardware", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3246.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3246", "detail_available": true, "module_name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #3225 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Next generation security services platforms capable of running multiple security services simultaneously. Providing firewall (NGFW), traffic management Cisco Firepower 4100 Series is a family of four threat threat-focused NGFW security platforms. While the Cisco Firepower 9300 is a scalable carrier-grade, modular platform designed for service providers, high-performance computing centers. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3245", "Certificate Number": "3245", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet VME", "Module Type": "Software", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3245.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3245", "detail_available": true, "module_name": "Acme Packet VME", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet VME (Virtual Machine Edition) is specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet VME deliver Oracle’s industry leading ESBC capabilities in binary packaged executable that can be run in a virtual environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3244", "Certificate Number": "3244", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 1100 [1] and Acme Packet 3900 [2]", "Module Type": "Hardware", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3244.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3244", "detail_available": true, "module_name": "Acme Packet 1100 [1] and Acme Packet 3900 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 1100 and 3900 appliances are specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 1100 and 3900 appliances deliver Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3243", "Certificate Number": "3243", "Vendor Name": "GDC Technology Limited", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3243.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3243", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3242", "Certificate Number": "3242", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 4600", "Module Type": "Hardware", "Validation Date": "07/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3242.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3242", "detail_available": true, "module_name": "Acme Packet 4600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 4600 appliance is specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 4600 appliance delivers Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3241", "Certificate Number": "3241", "Vendor Name": "Brocade Communications Systems LLC", "Module Name": "Brocade Fabric OS FIPS Cryptographic Module 8.2", "Module Type": "Software", "Validation Date": "07/25/201802/21/201903/29/201907/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3241.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3241", "detail_available": true, "module_name": "Brocade Fabric OS FIPS Cryptographic Module 8.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "the Brocade Fabric OS FIPS Cryptographic Module is used in Brocade FOS-based switches to provide cryptographic to cryptographic-related services.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3240", "Certificate Number": "3240", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5001D Blade with FortiGate-5144C Chassis", "Module Type": "Hardware", "Validation Date": "07/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3240.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3240", "detail_available": true, "module_name": "FortiGate-5001D Blade with FortiGate-5144C Chassis", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3239", "Certificate Number": "3239", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Crypto Engine", "Module Type": "Hardware", "Validation Date": "07/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3239.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3239", "detail_available": true, "module_name": "TCT Crypto Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Crypto Engine high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3238", "Certificate Number": "3238", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Random Number Generator", "Module Type": "Hardware", "Validation Date": "07/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3238.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3238", "detail_available": true, "module_name": "TCT Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3237", "Certificate Number": "3237", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 6300", "Module Type": "Hardware", "Validation Date": "07/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3237.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3237", "detail_available": true, "module_name": "Acme Packet 6300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 6300 appliance is specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 6300 appliance delivers Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3236", "Certificate Number": "3236", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "07/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3236.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3236", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3235", "Certificate Number": "3235", "Vendor Name": "Infotecs", "Module Name": "ViPNet Common Crypto Core", "Module Type": "Software", "Validation Date": "07/20/201809/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3235.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3235", "detail_available": true, "module_name": "ViPNet Common Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications via an API. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3234", "Certificate Number": "3234", "Vendor Name": "Persistent Systems, LLC", "Module Name": "MPU5", "Module Type": "Hardware", "Validation Date": "07/17/201812/12/201804/08/201911/24/202008/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3234.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3234", "detail_available": true, "module_name": "MPU5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When initialized and configured to overall level 2 per the Security Policy. The tamper evident material installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MPU5 and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infastructure. The MPU5 is designed to be carried by dismount users or mounted on towers, vehicles and aircraft." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3233", "Certificate Number": "3233", "Vendor Name": "Baxter International Inc.", "Module Name": "Baxter Spectrum IQ Cryptographic Module", "Module Type": "Software", "Validation Date": "07/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3233.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3233", "detail_available": true, "module_name": "Baxter Spectrum IQ Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Baxter Spectrum IQ Cryptographic Module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "HMAC", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3232", "Certificate Number": "3232", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, ASA 5585-X SSP-20, ASA 5585-X SSP-40 and ASA 5585-X SSP-60 Adaptive Security Appliances", "Module Type": "Hardware", "Validation Date": "07/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3232.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3232", "detail_available": true, "module_name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, ASA 5585-X SSP-20, ASA 5585-X SSP-40 and ASA 5585-X SSP-60 Adaptive Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3231", "Certificate Number": "3231", "Vendor Name": "Gemalto", "Module Name": "ProtectServer Internal Express 2 (PSI-E2)", "Module Type": "Hardware", "Validation Date": "07/12/201801/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3231.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3231", "detail_available": true, "module_name": "ProtectServer Internal Express 2 (PSI-E2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet PSI-E 2 is a high-end intelligent PCI adapter card, used either standalone or in the SafeNet PSE 2 appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-E 2 also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3230", "Certificate Number": "3230", "Vendor Name": "Lexmark International Inc.", "Module Name": "Lexmark Crypto Core", "Module Type": "Software", "Validation Date": "07/12/201803/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3230.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3230", "detail_available": true, "module_name": "Lexmark Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Lexmark Crypto Core module is firmware option for Lexmark Single and multi-function printers that handles user space cryptographic functions including, key management, hashing, symmetric and asymmetric cryptography.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3229", "Certificate Number": "3229", "Vendor Name": "REDCOM Laboratories, Inc.", "Module Name": "REDCOM Encryption 140-2", "Module Type": "Software", "Validation Date": "07/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3229.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3229", "detail_available": true, "module_name": "REDCOM Encryption 140-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "REDCOM Encryption 140-2 is a FIPS 140-2 validated cryptographic engine for Java and Android based environments. The engine delivers core cryptographic functions including Suite B algorithms. Also, it offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3228", "Certificate Number": "3228", "Vendor Name": "Hangzhou Hikvision Digital Technology Co., Ltd.", "Module Name": "HikSSL", "Module Type": "Software", "Validation Date": "07/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3228.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3228", "detail_available": true, "module_name": "HikSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The HikSSL Library module is a software library embedded into Hikvision Network Camera and Network Video Recorder (NVR) products, that provides Transport Layer Security (TLS) functionality, and general purpose cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3227", "Certificate Number": "3227", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1200D[1], FortiGate-1500D[2], FortiGate-2000E[3] and FortiGate-2500E[4]", "Module Type": "Hardware", "Validation Date": "07/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3227.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3227", "detail_available": true, "module_name": "FortiGate-1200D[1], FortiGate-1500D[2], FortiGate-2000E[3] and FortiGate-2500E[4]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3226", "Certificate Number": "3226", "Vendor Name": "Blue Cedar", "Module Name": "Blue Cedar Cryptographic Module", "Module Type": "Software", "Validation Date": "07/11/201810/12/201806/20/201909/03/201910/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3226.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3226", "detail_available": true, "module_name": "Blue Cedar Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Blue Cedar Cryptographic Module is a general purpose cryptographic module integrated in Blue Cedar's products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3225", "Certificate Number": "3225", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/11/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3225.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3225", "detail_available": true, "module_name": "Cisco ASA Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The market-leading Cisco ASA delivering robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA provides comprehensive security, performance, and reliability for network environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3224", "Certificate Number": "3224", "Vendor Name": "Space Systems Loral", "Module Name": "AEDS Daemon", "Module Type": "Software", "Validation Date": "07/10/201803/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3224.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3224", "detail_available": true, "module_name": "AEDS Daemon", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AEDS Daemon is the cryptographic core of SSL's AEDS ground to spacecraft encryption/decryption appliance. It wraps SafeLogic's CryptoComply for Server level 1 validated software library product to provide cryptographic functionalities to the rest of the AEDS system", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3223", "Certificate Number": "3223", "Vendor Name": "Apple Inc.", "Module Name": "Apple Secure Key Store Cryptographic Module, v1.0", "Module Type": "Hardware", "Validation Date": "07/10/201803/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3223.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3223", "detail_available": true, "module_name": "Apple Secure Key Store Cryptographic Module, v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Apple Secure Key Store Cryptographic Module is a single-chip standalone hardware cryptographic module running on a multi-chip device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3222", "Certificate Number": "3222", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® SS200 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "07/10/201807/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3222.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3222", "detail_available": true, "module_name": "Ultrastar® SS200 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.3 and 8 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Ultrastar® SS200 Self-Encrypting TCG Enterprise drives meet or exceed the most demanding performance and security requirements. The Ultrastar® SS200 solid state (SSD) is a 12Gb/s SAS Enterprise SSD that helps transform hybrid and all-flash data centers by scaling flash storage capacities using workload-optimized solutions to deliver exceptional value. Ultrastar® SS200 SSDs integrate SanDisk-brand 15nm NAND and the enterprise tested Guardian Technology™ platform to deliver enterprise-grade reliability, endurance, and performance.", "algorithms": [ "DRBG", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3221", "Certificate Number": "3221", "Vendor Name": "HYCU, Inc.", "Module Name": "HYCU Cryptographic Library", "Module Type": "Software", "Validation Date": "07/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3221.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3221", "detail_available": true, "module_name": "HYCU Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2768", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "HYCU Cryptographic Library is a software library that provides cryptographic services to HYCU Data Protection for Nutanix, the only purpose-built data protection solution, built from the ground up with the Nutanix administrator in mind. The module provides FIPS 140 validated cryptographic algorithms for multiple services such as TLS and File Encryption.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3220", "Certificate Number": "3220", "Vendor Name": "KeyPair Consulting Inc.", "Module Name": "KeyPair Cryptographic Module for OpenSSL", "Module Type": "Software", "Validation Date": "07/05/201810/17/201808/11/202010/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3220.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3220", "detail_available": true, "module_name": "KeyPair Cryptographic Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The KeyPair Cryptographic Module for OpenSSL expands the list of Tested Configurations (operating system + processor) for the OpenSSL FIPS Object Module v2.0. Please contact KeyPair Consulting to include your desired operating system as a Tested Configuration on a FIPS 140-2 certificate branded in your company’s name.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3219", "Certificate Number": "3219", "Vendor Name": "Accellion USA, LLC", "Module Name": "Accellion Cryptographic Module", "Module Type": "Software", "Validation Date": "07/05/201807/16/201807/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3219.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3219", "detail_available": true, "module_name": "Accellion Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Accellion Secure File Sharing and Governance Platform offers a secure data transfer channel that protects customers’ sensitive information in transit and at rest. It provides granular policy controls and a full audit trail to comply with regulations such as HIPAA, SOC 2, NIST 800-53 and -171, ITAR and EAR. Users share files in folders, SFTP and secure email, via plugins, web, and mobile interfaces. The Accellion Cryptographic Module is a component of the Accellion Secure File Sharing and Governance Platform (kiteworks).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3218", "Certificate Number": "3218", "Vendor Name": "Mojo Networks, Inc.", "Module Name": "Mojo AirTight Sensor", "Module Type": "Firmware", "Validation Date": "07/03/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3218.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3218", "detail_available": true, "module_name": "Mojo AirTight Sensor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the security policy. When operated only on the specific platforms specified on the certificate.", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and denial of service attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3217", "Certificate Number": "3217", "Vendor Name": "A10 Networks, Inc.", "Module Name": "Thunder Series TH3030S, TH4440S, TH5840S, TH6630S, and TH7440S", "Module Type": "Hardware", "Validation Date": "07/03/201804/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3217.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3217", "detail_available": true, "module_name": "Thunder Series TH3030S, TH4440S, TH5840S, TH6630S, and TH7440S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Thunder Series is designed to meet the growing demands of Web sites, carriers and enterprises. The Thunder offers intelligent Layer 4-7 application processing capabilities with performance and scalability to meet critical business requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3216", "Certificate Number": "3216", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 SP2 - NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "07/03/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3216.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3216", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 SP2 - NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3215", "Certificate Number": "3215", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "06/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3215.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3215", "detail_available": true, "module_name": "Oracle Linux 7 libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed and configured per security policy section 10 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 libgcrypt Cryptographic Module is a software library implementing general purpose cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3214", "Certificate Number": "3214", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "06/28/201807/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3214.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3214", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3213", "Certificate Number": "3213", "Vendor Name": "NCoded Communications, Inc.", "Module Name": "NCoded Ultra Cryptographic Mobile Module", "Module Type": "Software", "Validation Date": "06/28/201808/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3213.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3213", "detail_available": true, "module_name": "NCoded Ultra Cryptographic Mobile Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #1938", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NCoded Ultra Cryptographic Mobile (NUCM) Module is a standards-based \"Drop-in Compliance\" cryptographic engine for mobile devices. The module delivers core cryptographic functions to the mobile devices and features robust algorithm support, including Suite B algorithms. NUCM offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3212", "Certificate Number": "3212", "Vendor Name": "NCoded Communications, Inc.", "Module Name": "NCoded Ultra Cryptographic Server Module", "Module Type": "Software", "Validation Date": "06/28/201808/17/201803/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3212.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3212", "detail_available": true, "module_name": "NCoded Ultra Cryptographic Server Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NCoded Ultra Cryptographic Server Module is a standards-based \"Drop-in Compliance\" cryptographic engine for servers and appliances. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. NCoded Ultra Cryptographic Server Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3211", "Certificate Number": "3211", "Vendor Name": "Thales", "Module Name": "Thales Luna USB Hardware Security Module", "Module Type": "Hardware", "Validation Date": "06/27/201808/31/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3211.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3211", "detail_available": true, "module_name": "Thales Luna USB Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Thales Luna USB HSM delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3210", "Certificate Number": "3210", "Vendor Name": "Thales", "Module Name": "Thales Luna USB Hardware Security Module", "Module Type": "Hardware", "Validation Date": "06/27/201808/31/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3210.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3210", "detail_available": true, "module_name": "Thales Luna USB Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Thales Luna USB HSM delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3209", "Certificate Number": "3209", "Vendor Name": "Thales", "Module Name": "Thales Luna Backup Hardware Security Module", "Module Type": "Hardware", "Validation Date": "06/27/201808/31/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3209.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3209", "detail_available": true, "module_name": "Thales Luna Backup Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Thales Luna Backup Hardware Security Module provides the same level of security as the SafeNet Network HSM and SafeNet PCI-E HSMs in a convenient, small, low-cost form factor. The Thales Luna Backup Hardware Security Module ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the Thales Luna Backup HSM for safekeeping in case of emergency, failure or disaster.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3208", "Certificate Number": "3208", "Vendor Name": "Gemalto", "Module Name": "SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM", "Module Type": "Hardware", "Validation Date": "06/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3208.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3208", "detail_available": true, "module_name": "SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet PCI-E Hardware Security Module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3207", "Certificate Number": "3207", "Vendor Name": "Sonus Networks, Inc.", "Module Name": "SBC Software Edition Session Border Controller", "Module Type": "Software", "Validation Date": "06/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3207.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3207", "detail_available": true, "module_name": "SBC Software Edition Session Border Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Sonus SBC Software Edition Session Border Controller (SBC SWe) is a software-based, cloud-optimized SBC architected to enable and secure real-time communications in the cloud. Starting at 25 sessions, and scaling to tens of thousands per instance, the unique architecture of the SBC SWe allows customers to define where on the performance curve their network needs to reside. The SBC SWe uses a \"microservices\" design to separate signaling, media, and transcoding to optimize virtual network resources. It also supports on-demand auto-scaling, with a feedback loop using Key Performance Indicator", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3206", "Certificate Number": "3206", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE Gen9 Smart Array P-Class RAID Controllers and HPE Gen9 Smart HBA H-Class Adapter", "Module Type": "Hardware", "Validation Date": "06/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3206.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3206", "detail_available": true, "module_name": "HPE Gen9 Smart Array P-Class RAID Controllers and HPE Gen9 Smart HBA H-Class Adapter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HP P-Class Smart Array RAID Controllers make up a family of serial-attached SCSI host bus adapters that provide intelligent control for storage array. The controllers can be card-based or embedded within an HP server, and provide a high speed data path, on-board storage cache, remote management, and encryption of data at rest, for the controlled storage arrays.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3205", "Certificate Number": "3205", "Vendor Name": "Thales", "Module Name": "Thales Luna K7 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/25/201811/20/201806/13/201907/30/202009/04/202004/29/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3205.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3205", "detail_available": true, "module_name": "Thales Luna K7 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Thales Luna K7 Cryptographic Module is a high-assurance, tamper-resistant Hardware Security Module which secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security. The module meets compliance and audit needs for FIPS 140, HIPAA, PCI-DSS, eIDAS, GDPR.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "EDDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3203", "Certificate Number": "3203", "Vendor Name": "Infineon Technologies AG", "Module Name": "Trusted Platform Module 2.0 SLB 9670", "Module Type": "Hardware", "Validation Date": "06/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3203.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3203", "detail_available": true, "module_name": "Trusted Platform Module 2.0 SLB 9670", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode as specified in Security Policy Sections 1.1 and 8.1", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TPM is a single chip module that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality in e-commerce and internet communications within a Trusted Computing Platform. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.16, October 2014 (ISO/IEC 11889:2015, Parts 1-4). See http://www.trustedcomputinggroup.org/ for further information on TCG and TPM.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3202", "Certificate Number": "3202", "Vendor Name": "Feitian Technologies Co., Ltd.", "Module Name": "ePass2003 Token and ePass2003Auto Token", "Module Type": "Hardware", "Validation Date": "06/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3202.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3202", "detail_available": true, "module_name": "ePass2003 Token and ePass2003Auto Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured per Section 1.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Module is a USB token containing FEITIAN’s own FEITIAN-FIPS-COS which is embedded in an Infineon M7893 Integrated Circuit (IC) chip and has been developed to support FEITIAN’s ePass USB token. The ePass token is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3201", "Certificate Number": "3201", "Vendor Name": "Analog Devices, Inc.", "Module Name": "®Sypher AES-256-bit Encryption FPGA Module", "Module Type": "Hardware", "Validation Date": "06/15/201807/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3201.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3201", "detail_available": true, "module_name": "®Sypher AES-256-bit Encryption FPGA Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Sypher AES-256-bit Encryption FPGA Module provides secure traffic communication to Axnes' Polycon Next Generation (PNG) wireless intercom radio systems (MP50 PNG Transceiver and BST50 Base Station)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3200", "Certificate Number": "3200", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "06/15/201807/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3200.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3200", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3199", "Certificate Number": "3199", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3700D/3815D", "Module Type": "Hardware", "Validation Date": "06/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3199.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3199", "detail_available": true, "module_name": "FortiGate-3700D/3815D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3198", "Certificate Number": "3198", "Vendor Name": "Gemalto", "Module Name": "MultiApp V4.0 Platform", "Module Type": "Hardware", "Validation Date": "06/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3198.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3198", "detail_available": true, "module_name": "MultiApp V4.0 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "MultiApp V4.0 is a highly secured smartcard platform from Gemalto complying with Javacard 3.0.4 and GP 2.2.1 standards and operated on the SLE78 chip from Infineon. This field-proven OS has the largest number of references in national ID programs. Its cryptographic library implements TDES, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and DRBG algorithms. This modular and flexible platform serves various needs, enabling ePassport, secure data storage, identification, authentication and digital signature with biometry control.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197", "Certificate Number": "3197", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "10/22/201807/17/201909/08/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197", "detail_available": true, "module_name": "Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3196 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3195 or Cert. #3644 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3096 or Cert. #3651 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196", "Certificate Number": "3196", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "09/26/201807/17/201903/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3194, Cert. #3480 or Cert. #3615 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195", "Certificate Number": "3195", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity", "Module Type": "Software", "Validation Date": "10/15/201807/15/201908/27/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195", "detail_available": true, "module_name": "Code Integrity", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3194 or Cert. #3480 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194", "Certificate Number": "3194", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows OS Loader", "Module Type": "Software", "Validation Date": "09/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194", "detail_available": true, "module_name": "Windows OS Loader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager validated to FIPS 140-2 under Cert. #3089 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3193", "Certificate Number": "3193", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-100E[1], FortiGate-201E[2], FortiGate-300D[3], FortiGate-600D[4], FortiGate-800D[5]", "Module Type": "Hardware", "Validation Date": "06/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3193.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3193", "detail_available": true, "module_name": "FortiGate-100E[1], FortiGate-201E[2], FortiGate-300D[3], FortiGate-600D[4], FortiGate-800D[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3192", "Certificate Number": "3192", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 5.4", "Module Type": "Firmware", "Validation Date": "06/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3192.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3192", "detail_available": true, "module_name": "FortiOS 5.4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3191", "Certificate Number": "3191", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Loadable Kernel Module", "Module Type": "Software", "Validation Date": "06/06/201807/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3191.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3191", "detail_available": true, "module_name": "Mocana Cryptographic Loadable Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mocana Cryptographic Loadable Kernel Module (Software Version 6.5.1f) is a software only, multi-chip standalone cryptographic module that runs on a general purpose computer. The primary purpose of this module is to provide FIPS Approved cryptographic routines to consuming applications via an Application Programming Interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3190", "Certificate Number": "3190", "Vendor Name": "Software Diversified Services", "Module Name": "SDS Cryptographic Module", "Module Type": "Software", "Validation Date": "06/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3190.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3190", "detail_available": true, "module_name": "SDS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Software Diversified Services (SDS) Cryptographic Module is a software program that provides FIPS 140-2 validated cryptographic algorithm support for SDS's E-Business Server (EBS) product in the Windows, AIX, and Linux environments. In addition, the module can be implemented independently in other applications via an API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3189", "Certificate Number": "3189", "Vendor Name": "REDCOM Laboratories, Inc.", "Module Name": "REDCOM Encryption 140-2", "Module Type": "Software", "Validation Date": "05/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3189.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3189", "detail_available": true, "module_name": "REDCOM Encryption 140-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "REDCOM Encryption 140-2 is a fully FIPS 140-2 validated cryptographic engine for Java and Android based environments. The module delivers core cryptographic functions to these platforms and features robust algorithm support, including Suite B algorithms. REDCOM Encryption 140-2 offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation. **Oracle and Java are registered trademarks of Oracle and/or its affiliates. **Android is a trademark of Google Inc", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3188", "Certificate Number": "3188", "Vendor Name": "Zscaler Inc.", "Module Name": "Zscaler Java Crypto Module", "Module Type": "Software", "Validation Date": "05/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3188.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3188", "detail_available": true, "module_name": "Zscaler Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Zscaler Java Crypto Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3186", "Certificate Number": "3186", "Vendor Name": "BiObex, LLC", "Module Name": "SAFE-Key Device", "Module Type": "Hardware", "Validation Date": "05/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3186.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3186", "detail_available": true, "module_name": "SAFE-Key Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When utilizing a Trusted Path as specified in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SAFE-Key device is a USB-based hardware security token; its primary purpose is two-factor authentication. The device supports three modalities: web-based two-factor authentication (patented), two-factor authentication for protected file decryption and two-factor authentication for digital signature generation. The two factors are something you have (i.e. a specific SAFE-Key device) and something you know (i.e. a password). It also supports one-factor, something you have (i.e. a specific SAFE-Key device) authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3185", "Certificate Number": "3185", "Vendor Name": "VMware, Inc.", "Module Name": "VMware BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "05/23/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3185.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3185", "detail_available": true, "module_name": "VMware BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API).", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3184", "Certificate Number": "3184", "Vendor Name": "Dell Inc.", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.4", "Module Type": "Software", "Validation Date": "05/22/201811/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3184.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3184", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3183", "Certificate Number": "3183", "Vendor Name": "Persistent Systems, LLC", "Module Name": "MPU5", "Module Type": "Hardware", "Validation Date": "05/04/201812/12/201811/24/202008/30/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3183.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3183", "detail_available": true, "module_name": "MPU5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The tamper evident material installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MPU5 and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to-peer topology without requiring additional infastructure. The MPU5 is designed to be carried by dismount users or mounted on towers, vehicles and aircraft." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3182", "Certificate Number": "3182", "Vendor Name": "Gemalto", "Module Name": "SafeNet Luna K7+ Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/02/201805/17/201806/13/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3182.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3182", "detail_available": true, "module_name": "SafeNet Luna K7+ Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SafeNet Luna K7+ Cryptographic Module is a high-assurance Hardware Security Module with a tamper-active physical enclosure, which secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security. The module meets compliance and audit needs for FIPS 140, HIPAA, PCI-DSS, eIDAS, GDPR, and is suitable for deployment in less controlled physical environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3181", "Certificate Number": "3181", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Cryptographic DLL Software Module", "Module Type": "Software", "Validation Date": "05/02/201801/30/202210/31/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3181.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3181", "detail_available": true, "module_name": "Motorola Solutions Cryptographic DLL Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Motorola Solutions Inc. Cryptographic DLL Software Module (MSCDSM) is a software based cryptographic module that runs on General Purpose Computer (GPC) hardware platform running Microsoft Windows operating system. The module provides cryptographic functionality in Motorola Solutions ASTRO IP Dispatch Console products running on Microsoft Windows OS and supporting the APCO Project 25 standard. MSCDSM provides several FIPS approved and non-approved cryptographic algorithms.", "algorithms": [ "AES", "DRBG", "HMAC", "KTS", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3180", "Certificate Number": "3180", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Wave Relay® Embedded Module", "Module Type": "Hardware", "Validation Date": "04/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3180.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3180", "detail_available": true, "module_name": "Wave Relay® Embedded Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Embedded Module and Wave Relay® MANET provide wireless network connectivity between highly mobile users in a true peer-to­peer topology without requiring additional infrastructure. The Embedded Module is designed to be integrated into many types of systems, including UGVs, UAVs, and sensors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3179", "Certificate Number": "3179", "Vendor Name": "F5 Networks", "Module Name": "F5® vCMP Cryptographic Module", "Module Type": "Firmware", "Validation Date": "04/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3179.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3179", "detail_available": true, "module_name": "F5® vCMP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, configured on the platforms listed on the certificate with tamper evident labels (P/N: F5-ADD-BIG-FIPS140) installed as indicated in section 8 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® vCMP Cryptographic Module, Application Delivery Controller and Firewall software running on VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3177", "Certificate Number": "3177", "Vendor Name": "Symantec, A Division of Broadcom", "Module Name": "Blue Coat Reverse Proxy Virtual Appliance", "Module Type": "Software", "Validation Date": "04/26/201802/16/202105/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3177.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3177", "detail_available": true, "module_name": "Blue Coat Reverse Proxy Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #3077", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Blue Coat Reverse Proxy physical and virtual appliances provide a termination point where deep inspection for malware and mission-critical policy is applied to inbound traffic. The Reverse Proxy physical and virtual appliances give organizations the ability to govern traffic and payloads on a wide variety of parameters, including location, devices, clients, software, protocols, and more. It can be used with either public-facing or internally facing web servers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3176", "Certificate Number": "3176", "Vendor Name": "Digi International, Inc.", "Module Name": "Digi ConnectCore Security Module", "Module Type": "Software", "Validation Date": "04/26/201806/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3176.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3176", "detail_available": true, "module_name": "Digi ConnectCore Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Digi ConnectCore Security Module provides cryptographic services for Digi International Inc. products.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3175", "Certificate Number": "3175", "Vendor Name": "NXP Semiconductors", "Module Name": "JCOP 3 SecID P60 CS (OSB)", "Module Type": "Hardware", "Validation Date": "04/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3175.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3175", "detail_available": true, "module_name": "JCOP 3 SecID P60 CS (OSB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "NXP Semiconductors offers JCOP, a secure Java Card Operating System based on several independent 3rd party specifications, such as Java Card 3.0.4 specifications, the GlobalPlatform card specifications 2.2.1 and few International Organization for Standards (like ISO7816), EMV (Europay, MasterCard and VISA) and others. By adhering to these standards JCOP 3 SECID P60 ensures large interoperability with third-party applets providers, card issuers as well as all existing Smart Card infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3174", "Certificate Number": "3174", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE BladeSystem c-Class Onboard Administrator Firmware", "Module Type": "Firmware", "Validation Date": "04/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3174.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3174", "detail_available": true, "module_name": "HPE BladeSystem c-Class Onboard Administrator Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as indicated in the Security Policy in Section 3", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module provides administrative control of the HPE BladeSystem c7000 enclosure. The module supports TLS v1.2 and SSH for secure administrative access to the module, as well as various forms of authentication, including local, LDAP, and CAC.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3173", "Certificate Number": "3173", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE BladeSystem c-Class Virtual Connect Firmware", "Module Type": "Firmware", "Validation Date": "04/17/201802/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3173.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3173", "detail_available": true, "module_name": "HPE BladeSystem c-Class Virtual Connect Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "Virtual Connect implements server edge virtualization between the server and data center infrastructure allowing networks to communicate with individual servers or pools of HPE BladeSystem server blades. Virtual Connect simplifies the setup and administration of server LAN and SAN connections. The module supports TLS v1.2 and SSH for secure administrative access to the module, as well as various forms of authentication, including local, LDAP, and CAC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3172", "Certificate Number": "3172", "Vendor Name": "Dell Inc.", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.4", "Module Type": "Software", "Validation Date": "04/16/201811/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3172.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3172", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3171", "Certificate Number": "3171", "Vendor Name": "Pragma Systems, Inc.", "Module Name": "Pragma Systems Cryptographic Module", "Module Type": "Software", "Validation Date": "04/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3171.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3171", "detail_available": true, "module_name": "Pragma Systems Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the modules Code Integrity (ci.dll) in Microsoft Windows 10 or Windows Server 2016 Standard, under Cert. #2935 operating in FIPS mode and Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, or Windows Server 2016 Standard validated to FIPS 140-2 under Cert. #2937 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Pragma Systems Cryptographic Module provides cryptographic services to Pragma Systems Fortress SSH servers, clients, applications and tools. Additionally, Pragma Systems Telemote and SecureFactors products use this cryptographic module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3170", "Certificate Number": "3170", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 6 Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "04/12/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3170.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3170", "detail_available": true, "module_name": "Oracle Linux 6 Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Oracle Linux 6 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3111 operating in FIPS mode and Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 6 Libreswan Cryptographic Module is a framework for providing cryptographic services to other network entities implementing the IKEv1 and IKEv2 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3169", "Certificate Number": "3169", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/11/201810/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3169.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3169", "detail_available": true, "module_name": "Oracle Linux 7 GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 GnuTLS Cryptographic Module is a set of libraries implementing general purpose cryptographic algorithms and network protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3168", "Certificate Number": "3168", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "04/10/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3168.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3168", "detail_available": true, "module_name": "Oracle Linux 7 Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Oracle Linux 7 NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3143 operating in FIPS mode and Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Linux 7 Libreswan Cryptographic Module is a framework for providing cryptographic services to other network entities implementing the IKEv1 and IKEv2 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3167", "Certificate Number": "3167", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Corporation LTO Generation 7 and Generation 8 Encrypting Tape Drive", "Module Type": "Hardware", "Validation Date": "04/10/201810/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3167.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3167", "detail_available": true, "module_name": "IBM® Corporation LTO Generation 7 and Generation 8 Encrypting Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM® Corporation LTO Generation 7 and Generation 8 Encrypting Tape Drive provides AES-GCM encryption of customer data recorded to tape. Both encryption and compression are implemented in the hardware for optimum performance. Six different host interface types of the LTO Generation 7 \"brick\" unit are FIPS certified as a multi-chip, standalone cryptographic module. In customer operation the \"brick\" unit may be embedded in bridge box or in a canister package for operation in a library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3166", "Certificate Number": "3166", "Vendor Name": "McAfee LLC", "Module Name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "Module Type": "Hardware", "Validation Date": "04/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3166.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3166", "detail_available": true, "module_name": "Network Security Platform Sensor NS7150, NS7250 and NS7350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3165", "Certificate Number": "3165", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Aruba 2930M, 3810M and 5400R zl2 Switch Series", "Module Type": "Hardware", "Validation Date": "04/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3165.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3165", "detail_available": true, "module_name": "Aruba 2930M, 3810M and 5400R zl2 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba 2930M and 3810M Switch Series are designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. These Layer 3 access switches support 10GbE and 40GbE uplinks, Dual Modular Power Supplies, full PoE+, HPE Smart Rate, ACLs, robust QoS, RIP, OSPF routing, Tunnel Node, PIM, VRRP and IPv6. The Aruba 5400R zl2 Switch Series is an industry-leading mobile campus access chassis solution with HPE Smart Rate multi-gigabit ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3164", "Certificate Number": "3164", "Vendor Name": "IBM Corporation", "Module Name": "IBM 4767 Cryptographic Coprocessor Security Module", "Module Type": "Hardware", "Validation Date": "04/04/201804/17/201806/12/201809/03/201902/12/202104/21/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3164.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3164", "detail_available": true, "module_name": "IBM 4767 Cryptographic Coprocessor Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IBM 4767 PCIe Cryptographic Coprocessor Hardware Security Module is in the form of a programmable PCIe card that offloads computationally intensive cryptographic processes from the hosting server, and performs sensitive tasks within a secured tamper responding hardware boundary. This evolutionary design builds on previous generations of IBM cryptographic technology, improving performance over its predecessors. The IBM 4767 is supported on select IBM Z processors as the Crypto Express5S feature and on select x86 systems and Power servers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3163", "Certificate Number": "3163", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9300 P", "Module Type": "Hardware", "Validation Date": "04/04/201805/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3163.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3163", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3162", "Certificate Number": "3162", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9300 S", "Module Type": "Hardware", "Validation Date": "04/04/201805/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3162.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3162", "detail_available": true, "module_name": "Network Security Platform Sensor NS9300 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3161", "Certificate Number": "3161", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "Module Type": "Hardware", "Validation Date": "03/29/201805/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3161.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3161", "detail_available": true, "module_name": "Network Security Platform Sensor NS3100, NS3200, NS5100 and NS5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3160", "Certificate Number": "3160", "Vendor Name": "Neopost Technologies, S.A.", "Module Name": "Neopost Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "03/28/201806/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3160.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3160", "detail_available": true, "module_name": "Neopost Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Neopost Postal Security Device (PSD) is a cryptographic module embedded within postal franking machines. The PSD performs all franking machine’s cryptographic and postal security functions and protects the Critical Security Parameters (CSPs) and Postal Relevant Data from unauthorized access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3158", "Certificate Number": "3158", "Vendor Name": "Gallagher Group", "Module Name": "Gallagher OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "03/25/201804/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3158.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3158", "detail_available": true, "module_name": "Gallagher OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Gallagher creates and delivers integrated security solutions to meet varying needs, from basic access control right through to high security alarm systems. The Gallagher OpenSSL Cryptographic Module provides cryptographic services for a range of Gallagher products.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3157", "Certificate Number": "3157", "Vendor Name": "Lenovo Group Limited", "Module Name": "Lenovo OpenSSL Library for ThinkSystem", "Module Type": "Software", "Validation Date": "03/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3157.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3157", "detail_available": true, "module_name": "Lenovo OpenSSL Library for ThinkSystem", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Lenovo OpenSSL Library for ThinkSystem module is a software library that provides FIPS 140-2 validated Transport Layer Security (TLS) functionality, and general purpose cryptographic algorithms within ThinkSystem hardware management systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3156", "Certificate Number": "3156", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Kernel Module v8.0 for Intel", "Module Type": "Software", "Validation Date": "03/22/201803/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3156.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3156", "detail_available": true, "module_name": "Apple CoreCrypto Kernel Module v8.0 for Intel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Kerenl Module v8.0 for Intel is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3155", "Certificate Number": "3155", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Module v8.0 for Intel", "Module Type": "Software", "Validation Date": "03/22/201803/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3155.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3155", "detail_available": true, "module_name": "Apple CoreCrypto Module v8.0 for Intel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Module v8.0 for Intel is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3153", "Certificate Number": "3153", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "Module Type": "Hardware", "Validation Date": "03/15/201805/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3153.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3153", "detail_available": true, "module_name": "Network Security Platform Sensor NS7100, NS7200 and NS7300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3152", "Certificate Number": "3152", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "03/15/201804/02/201904/09/201907/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3152.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3152", "detail_available": true, "module_name": "BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well. The module is designed to integrate with the associated Bouncy Castle APIs including those for TLS, X.509, CMS, S/MIME, TSP, PKIX, and OpenPGP.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3151", "Certificate Number": "3151", "Vendor Name": "BlackRidge Technology International, Inc.", "Module Name": "BlackRidge Technology Cryptographic Module", "Module Type": "Software", "Validation Date": "03/14/201802/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3151.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3151", "detail_available": true, "module_name": "BlackRidge Technology Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BlackRidge Technology Cryptographic Module provides cryptographic functions for BlackRidge TAC Gateway, BlackRidge TAC Endpoint for Linux, and BlackRidge Enterprise Manager.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3150", "Certificate Number": "3150", "Vendor Name": "McAfee, LLC", "Module Name": "Network Security Platform Sensor NS9100 and NS9200", "Module Type": "Hardware", "Validation Date": "03/13/201805/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3150.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3150", "detail_available": true, "module_name": "Network Security Platform Sensor NS9100 and NS9200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3149", "Certificate Number": "3149", "Vendor Name": "McAfee LLC", "Module Name": "Network Security Platform Sensor NS-3100, NS-3200, NS-5100 and NS-5200", "Module Type": "Hardware", "Validation Date": "03/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3149.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3149", "detail_available": true, "module_name": "Network Security Platform Sensor NS-3100, NS-3200, NS-5100 and NS-5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured per Security Policy Sections 8 and 9 and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3148", "Certificate Number": "3148", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Module v8.0 for ARM", "Module Type": "Software", "Validation Date": "03/09/201805/22/201807/06/201803/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3148.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3148", "detail_available": true, "module_name": "Apple CoreCrypto Module v8.0 for ARM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Module v8 for ARM is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3147", "Certificate Number": "3147", "Vendor Name": "Apple Inc.", "Module Name": "Apple CoreCrypto Kernel Module v8.0 for ARM", "Module Type": "Software", "Validation Date": "03/09/201805/17/201807/03/201803/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3147.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3147", "detail_available": true, "module_name": "Apple CoreCrypto Kernel Module v8.0 for ARM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple CoreCrypto Kernel Module v8.0 for ARM is a software cryptographic module running on a multi-chip standalone hardware device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3146", "Certificate Number": "3146", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Aruba 2930F Switch Series", "Module Type": "Hardware", "Validation Date": "03/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3146.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3146", "detail_available": true, "module_name": "Aruba 2930F Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The 2930F is designed for customers creating digital workplaces that are optimized for mobile users with an integrated wired and wireless approach. The Basic Layer 3 switch supports 10GbE uplinks, PoE+, robust QoS, RIP Routing, Access OSPF, and IPV6, ACLs. The module delivers consistent wired/wireless user experience with unified management tools such as Aruba ClearPass Policy Manager and Aruba Airwave." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3145", "Certificate Number": "3145", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "03/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3145.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3145", "detail_available": true, "module_name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3070 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 7.4 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3144", "Certificate Number": "3144", "Vendor Name": "Palo Alto Networks", "Module Name": "Palo Alto Networks VM-Series", "Module Type": "Software", "Validation Date": "03/05/201806/18/201807/06/201810/31/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3144.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3144", "detail_available": true, "module_name": "Palo Alto Networks VM-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security and advanced threat prevention features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3143", "Certificate Number": "3143", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/01/201809/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3143.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3143", "detail_available": true, "module_name": "Oracle Linux 7 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux 7 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3142", "Certificate Number": "3142", "Vendor Name": "F5 Networks", "Module Name": "F5® Device Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/28/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3142.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3142", "detail_available": true, "module_name": "F5® Device Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3141", "Certificate Number": "3141", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign Signature Appliance", "Module Type": "Hardware", "Validation Date": "02/27/201808/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3141.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3141", "detail_available": true, "module_name": "DocuSign Signature Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3140", "Certificate Number": "3140", "Vendor Name": "Trend Micro Inc.", "Module Name": "Trend Micro Java Crypto Module", "Module Type": "Software", "Validation Date": "02/26/201809/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3140.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3140", "detail_available": true, "module_name": "Trend Micro Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro Java Crypto Module provides FIPS-approved cryptographic algorithms for Trend Micro products including Trend Micro Deep Security", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3139", "Certificate Number": "3139", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "AWS Key Management Service HSM", "Module Type": "Hardware", "Validation Date": "02/26/201810/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3139.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3139", "detail_available": true, "module_name": "AWS Key Management Service HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon AWS Key Management Service HSM is a multi-chip standalone hardware cryptographic appliance designed to provide dedicated cryptographic functions to meet the security and scalability requirements of the AWS Key Management Service (KMS). The cryptographic boundary is defined as the secure chassis of the appliance. All key materials are maintained exclusively in volatile memory in the appliance and are erased immediately upon detection of physical tampering.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3138", "Certificate Number": "3138", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "OneView Java Crypto Module", "Module Type": "Software", "Validation Date": "02/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3138.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3138", "detail_available": true, "module_name": "OneView Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OneView Java Cryptographic Module provides FIPS-approved cryptographic algorithms for HPE OneView.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3137", "Certificate Number": "3137", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks vSRX Virtual Firewall", "Module Type": "Software", "Validation Date": "02/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3137.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3137", "detail_available": true, "module_name": "Juniper Networks vSRX Virtual Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The vSRX delivers a complete and integrated virtual security solution, including unified threat management(UTM), intrusion detection and prevention (IDP), granular application control and robust networking. It provides seamless automated life cycle management capabilities making it an ideal solution for Service Providers, Cloud and Enterprise deployments. The vSRX supports Juniper Networks Contrail, OpenContrail, Openstack and other third-party solutions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3136", "Certificate Number": "3136", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX1500, SRX4100 and SRX4200 Services Gateways", "Module Type": "Hardware", "Validation Date": "02/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3136.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3136", "detail_available": true, "module_name": "Juniper Networks SRX1500, SRX4100 and SRX4200 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SRX1500, SRX4100, SRX4200 Service Gateways offer outstanding protection, performance, scalability, availability, and integrated security services. Designed for high-performance security services architecture, and seamless integration of networking and security in a single platform, the SRX1500, SRX4100, and SRX4200 are best suited for campuses, regional headquarters and enterprise data centers with a focus on application visibility and control, intrusion prevention, advanced threat protection, authentication, confidentiality of information, and integrated cloud-based security.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3135", "Certificate Number": "3135", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® 7840 Extension Switch", "Module Type": "Hardware", "Validation Date": "02/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3135.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3135", "detail_available": true, "module_name": "Brocade® 7840 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured and initialized as per Section 3.1 of the Security Policy and when operated in FIPS mode with tamper evident labels installed as indicated in Appendix A. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade 7840 Extension Switch provides fast, reliable WN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3134", "Certificate Number": "3134", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive", "Module Type": "Hardware", "Validation Date": "02/21/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3134.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3134", "detail_available": true, "module_name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1826", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Seagate Secure® TCG Opal SSC Self-Encrypting Drive is embedded in Seagate Momentus® Thin Self-Encrypting Drives (SEDs). The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3133", "Certificate Number": "3133", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5200 Series and PA-7000 Series Firewalls", "Module Type": "Hardware", "Validation Date": "02/21/201805/18/201810/31/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3133.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3133", "detail_available": true, "module_name": "PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5200 Series and PA-7000 Series Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5200 Series, and PA-7000 Series Firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3132", "Certificate Number": "3132", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye NX Series: NX1500V, NX2500V, NX2550V, NX4500V, NX6500V", "Module Type": "Software", "Validation Date": "02/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3132.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3132", "detail_available": true, "module_name": "FireEye NX Series: NX1500V, NX2500V, NX2550V, NX4500V, NX6500V", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3131", "Certificate Number": "3131", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "02/16/201810/23/201810/21/202007/09/202104/18/202209/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3131.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3131", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3130", "Certificate Number": "3130", "Vendor Name": "EnterpriseDB", "Module Name": "EnterpriseDB Cryptographic Module", "Module Type": "Software", "Validation Date": "02/15/201803/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3130.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3130", "detail_available": true, "module_name": "EnterpriseDB Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "EnterpriseDB Postgres Advanced Server for Windows is an enterprise distribution of Postgres for the MS Windows platform. In addition to other enhanced security, performance, tooling, and Oracle compatibility features, this Postgres distribution contains robust encryption algorithm support, including FIPS 140-2 compliance.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3129", "Certificate Number": "3129", "Vendor Name": "Trend Micro, Inc.", "Module Name": "Trend Micro Mobile Cryptographic Module", "Module Type": "Software", "Validation Date": "02/15/201803/09/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3129.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3129", "detail_available": true, "module_name": "Trend Micro Mobile Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security-relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro Mobile Cryptographic Module provides FIPS-approved cryptographic algorithms for Trend Micro products including Trend Micro Deep Security.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3128", "Certificate Number": "3128", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® G620 FC Switch", "Module Type": "Hardware", "Validation Date": "02/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3128.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3128", "detail_available": true, "module_name": "Brocade® G620 FC Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals installed as indicated in the Security Policy. When installed, initialized and configured as specified in Security Policy Section 3.1.3", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade® G620 switch provides a reliable, scalable Fibre Channel switching infrastructure with Gen 6 32 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3127", "Certificate Number": "3127", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye CMS Series: CM2500V, CM7500V", "Module Type": "Software", "Validation Date": "02/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3127.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3127", "detail_available": true, "module_name": "FireEye CMS Series: CM2500V, CM7500V", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, FX and AX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-generated threat intelligence to identify and block advanced attacks targeting the organization. It also enables centralized configuration, management, and reporting of FireEye platforms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3126", "Certificate Number": "3126", "Vendor Name": "Splunk Inc.", "Module Name": "Splunk Cryptographic Module", "Module Type": "Software", "Validation Date": "02/13/201803/13/201803/22/201802/14/202010/02/202003/17/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3126.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3126", "detail_available": true, "module_name": "Splunk Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Splunk Cryptographic Module is a general purpose cryptographic module integrated in Splunk's products to provide FIPS 140-2 validated cryptography for the protection of sensitive information.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3125", "Certificate Number": "3125", "Vendor Name": "Trend Micro, Inc.", "Module Name": "Trend Micro Cryptographic Module", "Module Type": "Software", "Validation Date": "02/12/201807/10/201803/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3125.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3125", "detail_available": true, "module_name": "Trend Micro Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Trend Micro Cryptographic Module provides FIPS-approved cryptographic algorithms for Trend Micro products including Trend Micro Deep Security.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3124", "Certificate Number": "3124", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Inline Crypto Engine (UFS)", "Module Type": "Hardware", "Validation Date": "02/09/201805/22/201901/29/202003/20/202003/30/202105/06/202109/15/202212/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3124.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3124", "detail_available": true, "module_name": "Qualcomm® Inline Crypto Engine (UFS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm Inline Crypto Engine (UFS) provides high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3123", "Certificate Number": "3123", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "QTI Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "02/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3123.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3123", "detail_available": true, "module_name": "QTI Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "QTI Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3122", "Certificate Number": "3122", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "iLO 5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3122.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3122", "detail_available": true, "module_name": "iLO 5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HP Integrated Lights-Out 5 (HP iLO 5) built into HP ProLiant Gen10 and Synergy(480 and 660) servers is an autonomous secure management component embedded directly on the server motherboard. iLO helps simplify initial server setup, power and thermal optimization, remote server administration, and provides server health monitoring with the HP Active Health System (AHS).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3121", "Certificate Number": "3121", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye VX Series: VX-5500, VX-12500", "Module Type": "Hardware", "Validation Date": "02/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3121.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3121", "detail_available": true, "module_name": "FireEye VX Series: VX-5500, VX-12500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3120", "Certificate Number": "3120", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye EX Series: EX-3500, EX-5500, EX-8500", "Module Type": "Hardware", "Validation Date": "02/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3120.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3120", "detail_available": true, "module_name": "FireEye EX Series: EX-3500, EX-5500, EX-8500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye EX series secures against advanced email attacks. As part of the FireEye Threat Prevention Platform, the FireEye EX uses signature-less technology to analyze every email attachment and successfully quarantine spear-phishing emails used in advanced targeted attacks.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3119", "Certificate Number": "3119", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye CM Series: CM-4500, CM-7500, CM-9500", "Module Type": "Hardware", "Validation Date": "02/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3119.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3119", "detail_available": true, "module_name": "FireEye CM Series: CM-4500, CM-7500, CM-9500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, FX and AX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-generated threat intelligence to identify and block advanced attacks targeting the organization. It also enables centralized configuration, management, and reporting of FireEye platforms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3118", "Certificate Number": "3118", "Vendor Name": "iRhythm Technologies, Inc.", "Module Name": "iRhythm Cryptographic Module", "Module Type": "Software", "Validation Date": "02/07/201805/15/202005/29/202003/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3118.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3118", "detail_available": true, "module_name": "iRhythm Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The iRhythm Cryptographic module is a standards-based, FIPS 140-2 compliant solution for zioreports.com. The module features robust algorithm support, including Suite B algorithm compliance.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3117", "Certificate Number": "3117", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® X6-8 and X6-4 Directors", "Module Type": "Hardware", "Validation Date": "02/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3117.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3117", "detail_available": true, "module_name": "Brocade® X6-8 and X6-4 Directors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade® X6-8 and X6-4 directors provide a reliable, scalable Fibre Channel switching infrastructure with Gen 6 32 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3116", "Certificate Number": "3116", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Voice Processing Module Cryptographic Module (VPMCM) / Telephone Media Gateway Cryptographic Module (TMGCM)", "Module Type": "Hardware", "Validation Date": "02/02/201807/03/201807/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3116.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3116", "detail_available": true, "module_name": "Voice Processing Module Cryptographic Module (VPMCM) / Telephone Media Gateway Cryptographic Module (TMGCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Motorola VPMCM/TMGCM provides cryptographic services to the Voice Processing Module in which it is embedded. The Voice Processing Module provides dispatch console audio routing between a dispatch operator (e.g., 911 dispatcher), peripherals, and a local network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3115", "Certificate Number": "3115", "Vendor Name": "Palo Alto Networks", "Module Name": "Panorama M-100 and M-500", "Module Type": "Hardware", "Validation Date": "01/31/201805/18/201810/31/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3115.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3115", "detail_available": true, "module_name": "Panorama M-100 and M-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama on the M-100 and M-500 provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network. The M-500 provides an additional service, the PAN-DB private cloud, which is an on-premise solution suitable for organizations that prohibit or restrict the use of the PAN-DB public cloud service." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3114", "Certificate Number": "3114", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm® Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "01/29/201802/12/201804/08/201901/29/202010/02/202001/25/202104/02/202108/23/202210/15/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3114.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3114", "detail_available": true, "module_name": "Qualcomm® Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm® Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG. Qualcomm Pseudo Random Number Generator versions 2.1.0 [1], 2.3.1 [2] and 2.4.0 [3] are supported by various Qualcomm platforms including Snapdragon®820 [1], Snapdragon 845 [2], Snapdragon 855 [2], Qualcomm Snapdragon 865 Mobile Platform [2], Qualcomm Snapdragon™ 888 5G Mobile Platform [3], Snapdragon 8cx Gen 3 Mobile Compute Platform [3], QCM8250 [2], and QCS8250 [2]." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3113", "Certificate Number": "3113", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint Java Crypto Module", "Module Type": "Software", "Validation Date": "01/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3113.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3113", "detail_available": true, "module_name": "Forcepoint Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Forcepoint Java Crypto Module is a standards-based \"Drop-in Compliance\" cryptographic engine for native Java environments. The module delivers core cryptographic functions to mobile and server platforms and features robust algorithm support, including Suite B algorithms. The Forcepoint Java Crypto Module offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3112", "Certificate Number": "3112", "Vendor Name": "Axway Inc.", "Module Name": "Axway Security Kernel", "Module Type": "Software", "Validation Date": "01/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3112.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3112", "detail_available": true, "module_name": "Axway Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Axway Validation Authority Suite: a collection of products that provide flexible and robust OCSP/SCVP certificate validation for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3111", "Certificate Number": "3111", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 6 NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "01/24/201802/06/201807/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3111.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3111", "detail_available": true, "module_name": "Oracle Linux 6 NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux 6 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3110", "Certificate Number": "3110", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet 1100 and Acme Packet 3900", "Module Type": "Hardware", "Validation Date": "01/19/201803/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3110.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3110", "detail_available": true, "module_name": "Acme Packet 1100 and Acme Packet 3900", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 1100 and 3900 appliances are specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/ branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet 1100 and 3900 appliances deliver Oracle’s industry leading ESBC capabilities in a small form factor appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3109", "Certificate Number": "3109", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye NX Series: NX-1500, NX-2500, NX-2550, NX-3500, NX-4500, NX-5500, NX-10450", "Module Type": "Hardware", "Validation Date": "01/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3109.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3109", "detail_available": true, "module_name": "FireEye NX Series: NX-1500, NX-2500, NX-2550, NX-3500, NX-4500, NX-5500, NX-10450", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3108", "Certificate Number": "3108", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "01/18/201803/07/201804/10/201810/12/201810/31/201802/20/201905/08/201908/19/202009/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3108.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3108", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3107", "Certificate Number": "3107", "Vendor Name": "Carbon Black, Inc.", "Module Name": "Carbon Black Cryptographic Module", "Module Type": "Software", "Validation Date": "01/09/201802/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3107.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3107", "detail_available": true, "module_name": "Carbon Black Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Carbon Black Cryptographic Module delivers core cryptographic functions (including Suite B algorithms) to Cb Response and Cb Protection. These products rely on the Carbon Black Cryptographic Module for secure key management, data integrity, data at rest encryption, and secure communications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3106", "Certificate Number": "3106", "Vendor Name": "Distech Controls Inc.", "Module Name": "Distech SSL Cryptographic Module", "Module Type": "Firmware", "Validation Date": "01/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3106.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3106", "detail_available": true, "module_name": "Distech SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "The Distech SSL Cryptographic Module provides cryptographic functionality to Distech's series of building management appliances. The module is classified under FIPS 140-2 as a firmware based, multichip-standalone module embodiment.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3105", "Certificate Number": "3105", "Vendor Name": "Information Security Corporation", "Module Name": "ISC Cryptographic Development Kit (CDK)", "Module Type": "Software", "Validation Date": "01/05/201808/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3105.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3105", "detail_available": true, "module_name": "ISC Cryptographic Development Kit (CDK)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The CDK is a software module. The physical embodiment of the computer hardware on which it runs is a \"multi-chip standalone module\" in FIPS 140-2 terminology. The \"physical cryptographic boundary\" is defined to be the entire computer on which the CDK software runs. As a software module, the \"logical boundary\" contains the software modules that comprise the CDK shared link library.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3104", "Certificate Number": "3104", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiWeb-3000E/4000E", "Module Type": "Hardware", "Validation Date": "01/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3104.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3104", "detail_available": true, "module_name": "FortiWeb-3000E/4000E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiWeb OS is a firmware operating system that runs exclusively on Fortinet's FortiWeb product family. FortiWeb units are PC-based, purpose built appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3103", "Certificate Number": "3103", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiWeb 5.6", "Module Type": "Firmware", "Validation Date": "01/05/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3103.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3103", "detail_available": true, "module_name": "FortiWeb 5.6", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiWeb OS is a firmware operating system that runs exclusively on Fortinet's FortiWeb product family. FortiWeb units are PC-based, purpose built appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3102", "Certificate Number": "3102", "Vendor Name": "Palo Alto Networks", "Module Name": "WildFire WF-500", "Module Type": "Hardware", "Validation Date": "01/02/201805/18/201810/31/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3102.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3102", "detail_available": true, "module_name": "WildFire WF-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WildFire WF-500 identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3101", "Certificate Number": "3101", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX300, SRX340, and SRX345 Services Gateways", "Module Type": "Hardware", "Validation Date": "01/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3101.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3101", "detail_available": true, "module_name": "Juniper Networks SRX300, SRX340, and SRX345 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Juniper Networks® SRX300 line of services gateways delivers a next-generation security and networking solution that supports the changing needs of cloud-enabled enterprise networks. By consolidating security, switching and routing in a single device, enterprises can protect against advanced security threats, overcome network complexity and improve application performance while reducing total cost of ownership. Customers can further enable secure SD-WAN capabilities that reduce band-width costs, simplify management and automate their WAN infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3100", "Certificate Number": "3100", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX300, SRX320, SRX340, SRX345 and SRX550-M Services Gateways", "Module Type": "Hardware", "Validation Date": "01/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3100.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3100", "detail_available": true, "module_name": "Juniper Networks SRX300, SRX320, SRX340, SRX345 and SRX550-M Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks® SRX300 and SRX550 lines of services gateways delivers a next-generation security and networking solution that supports the changing needs of cloud-enabled enterprise networks. By consolidating security, switching and routing in a single device, enterprises can protect against advanced security threats, overcome network complexity and improve application performance while reducing total cost of ownership. Customers can further enable secure SD-WAN capabilities that reduce band-width costs, simplify management and automate their WAN infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3099", "Certificate Number": "3099", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server - Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "01/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3099.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3099", "detail_available": true, "module_name": "SUSE Linux Enterprise Server - Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module v2.0 validated to FIPS 140-2 under Cert. #3038 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Linux Enterprise Server Kernel Crypto API Module provides cryptographic services to the Linux operating system kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3098", "Certificate Number": "3098", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 2504, 5520, 8510 and 8540 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "01/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3098.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3098", "detail_available": true, "module_name": "Cisco Systems 2504, 5520, 8510 and 8540 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3097", "Certificate Number": "3097", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 5508 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "01/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3097.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3097", "detail_available": true, "module_name": "Cisco Systems 5508 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode with the tamper evident labels installed", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco 5500 Series Wireless Controller, is a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096", "Certificate Number": "3096", "Vendor Name": "Microsoft Corporation", "Module Name": "Secure Kernel Code Integrity", "Module Type": "Software", "Validation Date": "04/11/201810/16/201807/15/201908/27/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096", "detail_available": true, "module_name": "Secure Kernel Code Integrity", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3090, #3194 or #3480 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095", "Certificate Number": "3095", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "03/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095", "detail_available": true, "module_name": "Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3094 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3093 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3096 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094", "Certificate Number": "3094", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "03/22/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3090 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093", "Certificate Number": "3093", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity", "Module Type": "Software", "Validation Date": "03/22/201806/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093", "detail_available": true, "module_name": "Code Integrity", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #3090 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #3091 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092", "Certificate Number": "3092", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker Dump Filter", "Module Type": "Software", "Validation Date": "03/22/201811/09/201807/09/201906/05/202010/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092", "detail_available": true, "module_name": "BitLocker Dump Filter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity under Cert. #3093, #3195 or #3644 operating in FIPS mode or Secure Kernel Code Integrity under Cert. #3096 or #3651 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Dump Filter (dumpfve.sys) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091", "Certificate Number": "3091", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Resume", "Module Type": "Software", "Validation Date": "03/22/201806/13/201806/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091", "detail_available": true, "module_name": "Windows Resume", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager validated to FIPS 140-2 under Cert. #3089 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090", "Certificate Number": "3090", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows OS Loader", "Module Type": "Software", "Validation Date": "03/22/201806/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090", "detail_available": true, "module_name": "Windows OS Loader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager validated to FIPS 140-2 under Cert. #3089 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089", "Certificate Number": "3089", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager", "Module Type": "Software", "Validation Date": "03/22/201806/13/201802/15/201906/20/201908/15/201911/18/201903/23/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089", "detail_available": true, "module_name": "Boot Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3088", "Certificate Number": "3088", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "QTI Cryptographic Module on Crypto 5 Core", "Module Type": "Software-Hybrid", "Validation Date": "12/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3088.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3088", "detail_available": true, "module_name": "QTI Cryptographic Module on Crypto 5 Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "This cryptographic module implements block ciphers including AES, Triple-DES, hash functions SHA-1 and SHA-256, Message Authentication Code functions HMAC and CMAC and DRBG 800-90A." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3087", "Certificate Number": "3087", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Cryptographic Firmware Module", "Module Type": "Firmware", "Validation Date": "12/22/201704/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3087.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3087", "detail_available": true, "module_name": "Motorola Solutions Cryptographic Firmware Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Crypto module is a comprehensive suite of FIPS Approved algorithms implemented in C and crossed compiled on Linux build server. The module is delivered to target application team as static library which is the logical boundary of the cryptographic module. Cryptographic module used in Motorola Solutions Astro APX series and VX series subscribers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3086", "Certificate Number": "3086", "Vendor Name": "nCipher Security Limited", "Module Name": "nToken", "Module Type": "Hardware", "Validation Date": "12/21/201701/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3086.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3086", "detail_available": true, "module_name": "nToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3085", "Certificate Number": "3085", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe® Series Ethernet Routers", "Module Type": "Hardware", "Validation Date": "12/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3085.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3085", "detail_available": true, "module_name": "Brocade® MLXe® Series Ethernet Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and configured as specified in Section 11 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Brocade MLXe Series routers feature industry-leading Gigabit Ethernet ports with wire-speed density; advanced Layer 2 switching; rich IPv4, IPv6, Multi-VRF, MPLS, L2/L3 Virtual Private Networks (VPN), IKEv2/IPsec and PHY based MACsec capabilities without compromising performance.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3084", "Certificate Number": "3084", "Vendor Name": "GE MDS LLC", "Module Name": "Orbit MCR and Orbit ECR", "Module Type": "Hardware", "Validation Date": "12/19/201701/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3084.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3084", "detail_available": true, "module_name": "Orbit MCR and Orbit ECR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The GE MDS Orbit Multiservice Connect Router (MCR) and Edge Connect Router (ECR) modules are secure wireless communications devices, which operate on cellular bands (2G/3G/4G LTE), licensed and unlicensed bands, and 802.11 Wi-Fi. The modules are available in two form factors (MCR and ECR), with different port/interface configurations available for each.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3083", "Certificate Number": "3083", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Libreswan Cryptographic Module", "Module Type": "Software", "Validation Date": "12/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3083.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3083", "detail_available": true, "module_name": "Red Hat Enterprise Linux Libreswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "With module Red Hat Enterprise Linux NSS Cryptographic Module validated to FIPS 140-2 under Cert. #3070 operating in FIPS mode and Red Hat Enterprise Linux OpenSSL Module validated to FIPS 140-2 under Cert. #3016 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Red Hat Enterprise Linux Libreswan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3082", "Certificate Number": "3082", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Java Cryptographic Module", "Module Type": "Software", "Validation Date": "12/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3082.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3082", "detail_available": true, "module_name": "Symantec Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module RSA BSAFE® Crypto-J Software Module validated to FIPS 140-2 under Cert. #2057 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Symantec Java Cryptographic Module provides a comprehensive set of cryptographic services for Symantec products including, but not limited to, the Symantec Data Loss Prevention Suite.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3081", "Certificate Number": "3081", "Vendor Name": "Oracle Communications", "Module Name": "Acme Packet VME", "Module Type": "Software", "Validation Date": "12/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3081.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3081", "detail_available": true, "module_name": "Acme Packet VME", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet VME (Virtual Machine Edition) is specifically designed to meet the unique price performance and manageability requirements of the small to medium sized enterprise and remote office/branch office. Ideal for small site border control and Session Initiation Protocol (SIP) trunking service termination applications, the Acme Packet VME deliver Oracle’s industry leading ESBC capabilities in binary packaged executable that can be run in a virtual environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3080", "Certificate Number": "3080", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Java", "Module Type": "Software", "Validation Date": "12/13/201703/29/201805/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3080.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3080", "detail_available": true, "module_name": "CryptoComply for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Java is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3079", "Certificate Number": "3079", "Vendor Name": "Datrium", "Module Name": "Datrium FIPS Object Module", "Module Type": "Software", "Validation Date": "12/11/201702/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3079.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3079", "detail_available": true, "module_name": "Datrium FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Datrium FIPS Object Module is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3078", "Certificate Number": "3078", "Vendor Name": "Trusted Concepts, Inc.", "Module Name": "TrustedKeep Encryption Module", "Module Type": "Software", "Validation Date": "12/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3078.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3078", "detail_available": true, "module_name": "TrustedKeep Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode as assumed by the Crypto Officer role and as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from the procedures outlined in the Security Policy will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "TrustedKeep is a secure object storage and sharing solution, providing robust access controls around your objects and securing them both in transit and at rest. It is designed from the ground up for object-level encryption, assigning a unique key to each object being stored, and capable of managing billions of objects in a single cluster. TrustedKeep handles all encryption and decryption at the boundaries, maintaining control at all times over key material, so that engineering mistakes do not result in key material (or sensitive data) being swapped to disk or left in memory.", "algorithms": [ "CVL", "DES", "DRBG", "DSA", "ECDSA", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3077", "Certificate Number": "3077", "Vendor Name": "Symantec, A Division of Broadcom", "Module Name": "Blue Coat Secure Web Gateway Virtual Appliance", "Module Type": "Software", "Validation Date": "12/11/201712/20/201711/13/201902/16/202105/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3077.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3077", "detail_available": true, "module_name": "Blue Coat Secure Web Gateway Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Blue Coat ProxySG physical and virtual appliances are the core of Symantec’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging. SWG VA identifies malicious payloads and then filters, strips, blocks or replaces web content to mitigate risks and prevent data loss. The appliances also optimize web and internal application traffic for data, video, cloud and web applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3076", "Certificate Number": "3076", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec SymSSLf Cryptographic Module", "Module Type": "Software", "Validation Date": "12/07/201712/20/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3076.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3076", "detail_available": true, "module_name": "Symantec SymSSLf Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Symantec SymSSLf Cryptographic Module is a Windows software library that provides FIPS 140-2 validated cryptographic algorithm support to Symantec products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3075", "Certificate Number": "3075", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.2.1", "Module Type": "Software-Hybrid", "Validation Date": "12/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3075.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3075", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.2.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The hardware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3074", "Certificate Number": "3074", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "ASTRO PDEG Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "12/06/201712/14/201704/25/201807/16/201806/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3074.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3074", "detail_available": true, "module_name": "ASTRO PDEG Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The ASTRO PDEG MACE provides secure key management and data encryption for the Astro System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3073", "Certificate Number": "3073", "Vendor Name": "VMware, Inc.", "Module Name": "VMware VMkernel Cryptographic Module", "Module Type": "Software", "Validation Date": "12/05/201706/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3073.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3073", "detail_available": true, "module_name": "VMware VMkernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware VMkernel Cryptographic Module is a software cryptographic library that provides FIPS 140-2 Approved cryptographic services for VMware products and platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3072", "Certificate Number": "3072", "Vendor Name": "NetApp, Inc.", "Module Name": "NetApp CryptoMod", "Module Type": "Software", "Validation Date": "12/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3072.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3072", "detail_available": true, "module_name": "NetApp CryptoMod", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NetApp CryptoMod will be integrated into select NetApp ONTAP releases for the purpose of supporting FIPS 140-2 compliant data-at-rest encryption and key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3071", "Certificate Number": "3071", "Vendor Name": "Alcatel-Lucent Enterprise USA Inc.", "Module Name": "OmniSwitch AOS 6.7.1.R04 Cryptographic Module", "Module Type": "Software", "Validation Date": "12/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3071.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3071", "detail_available": true, "module_name": "OmniSwitch AOS 6.7.1.R04 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1. When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AOS Cryptographic Module version 6.7.1.R04 provides cryptographic functionality to Alcatel-Lucent software applications present on the Alcatel-Lucent OmniSwitch series of routers.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3070", "Certificate Number": "3070", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "12/01/201702/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3070.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3070", "detail_available": true, "module_name": "Red Hat Enterprise Linux NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3069", "Certificate Number": "3069", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba IAP-214, IAP-215, IAP-224, IAP-225, IAP-274, IAP-275, IAP-277, RAP-108 and RAP-109 Wireless Access Points with Aruba Instant Firmware", "Module Type": "Firmware", "Validation Date": "11/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3069.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3069", "detail_available": true, "module_name": "Aruba IAP-214, IAP-215, IAP-224, IAP-225, IAP-274, IAP-275, IAP-277, RAP-108 and RAP-109 Wireless Access Points with Aruba Instant Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated only on the specific platforms specified on the certificate in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The protocols TLS, SNMP and IKEv2 shall not be used when operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3068", "Certificate Number": "3068", "Vendor Name": "NetBrain Technologies, Inc.", "Module Name": "NetBrain OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "11/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3068.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3068", "detail_available": true, "module_name": "NetBrain OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The NetBrain OpenSSL Cryptographic Module is a C library of cryptographic functions which provides cryptographic services to applications via easy-to-use API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3067", "Certificate Number": "3067", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "11/27/201706/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3067.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3067", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode with module Red Hat Enterprise Linux OpenSSL Module validated to FIPS 140-2 under Cert. #3016 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3066", "Certificate Number": "3066", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "Module Type": "Hardware", "Validation Date": "11/15/201701/27/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3066.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3066", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI & ST33TPHF2EI2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3065", "Certificate Number": "3065", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "Module Type": "Hardware", "Validation Date": "11/15/201702/08/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3065.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3065", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Trusted Platform Module ST33TPHF20SPI & ST33TPHF20I2C (TPM) is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key and random number generation. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.16, October 2014 (ISO/IEC 11889:2015, Parts 1-4). See www.trustedcomputinggroup.org for further information on TCG and TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3064", "Certificate Number": "3064", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C", "Module Type": "Software", "Validation Date": "11/14/201707/10/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3064.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3064", "detail_available": true, "module_name": "IBM® Crypto for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM Crypto for C version 8.6.0.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable by applications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3063", "Certificate Number": "3063", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "11/14/201706/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3063.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3063", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode with module Red Hat Enterprise Linux OpenSSL Module validated to FIPS 140-2 under Cert. #3016 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3062", "Certificate Number": "3062", "Vendor Name": "MikroM GmbH", "Module Name": "MVC201", "Module Type": "Hardware", "Validation Date": "11/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3062.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3062", "detail_available": true, "module_name": "MVC201", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "MVC201 - Digital Cinema Image Media Block for integration into a TI Series 2 DLP Cinema projector" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3061", "Certificate Number": "3061", "Vendor Name": "HGST, a Western Digital brand", "Module Name": "HGST Ultrastar SS200 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "11/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3061.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3061", "detail_available": true, "module_name": "HGST Ultrastar SS200 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "HGST's Ultrastar SS200 TCG Enterprise self-encryptinig SSDs implement TCG Storage specifications that meet or exceed the most demanding performance and security requirements. The Ultrastar SS200 family combines enterprise-grade MLC NAND Flash memory and advanced endurance management firmware. The power loss data management techniques utilized by the Ultrastar SS200, extend reliability, improve endurance, and sustain performance over the life of the SSD.", "algorithms": [ "DRBG", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3060", "Certificate Number": "3060", "Vendor Name": "CommVault Systems, Inc.", "Module Name": "CommVault Crypto Library", "Module Type": "Software", "Validation Date": "11/09/201711/16/201702/05/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3060.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3060", "detail_available": true, "module_name": "CommVault Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CommVault Crypto Library (CVCL) is a cryptographic software module used in various products by CommVault Systems, Inc. The module provides a collection of FIPS Approved and Non-FIPS Approved cryptographic services for key generation, symmetric and asymmetric encryption, hash, HMAC and signature generation/verification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3059", "Certificate Number": "3059", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "11/09/201712/11/201810/22/201912/18/201904/08/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3059.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3059", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The ACS is a multi-chip embedded cryptographic module. It consists of a secure hardware platform, a firmware secure loader, and three separate microcontrollers, collectively called the Physical Security Monitor Central Unit or PSMCU). The purpose of the cryptographic module is to load Approved (RSA and ECDSA signed) application programs, called \"personalities,\" in a secure manner." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3058", "Certificate Number": "3058", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei USG 9520/9560/9580 Firewall", "Module Type": "Hardware", "Validation Date": "11/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3058.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3058", "detail_available": true, "module_name": "Huawei USG 9520/9560/9580 Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei USG Firewalls ensure secure services for large data centers, cloud computing environments, and enterprise campus networks. Integrated switching, routing, and security enable smooth upgrades, easy virtualization, and terabit-level processing capability - all with carrier-grade reliability in a compact, space-saving form factor. NP + multi-core + distributed architecture integrates security, virtualization, and comprehensive service awareness with continuous database updates to optimize protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3057", "Certificate Number": "3057", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 2 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "11/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3057.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3057", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 2 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules IBM(R) z/OS(R) Version 2 Release 2 Security Server RACF(R) Signature Verification Module version 1.0 validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode and IBM(R) z/OS(R) Version 2 Release 2 ICSF PKCS #11 Cryptographic Module validated to FIPS 140-2 under Cert. #3019 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/OS® System SSL provides a rich set of C based application programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3056", "Certificate Number": "3056", "Vendor Name": "VT iDirect, Inc.", "Module Name": "TRANSEC Module", "Module Type": "Hardware", "Validation Date": "11/02/201703/09/201808/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3056.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3056", "detail_available": true, "module_name": "TRANSEC Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "VT iDirect, Inc.’s satellite-based IP communications technology enables constant connectivity for voice, video, and data applications in any environment. iDirect provides the leading TRANSEC-compliant, bandwidth-efficient satellite platforms for government and military communications. The Secure Satellite Broadband Solutions have uses across a wide range of applications, including maritime connectivity, aeronautical connectivity, military defense, and emergency relief." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3055", "Certificate Number": "3055", "Vendor Name": "Saviynt", "Module Name": "Saviynt Cryptographic Module", "Module Type": "Software", "Validation Date": "10/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3055.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3055", "detail_available": true, "module_name": "Saviynt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Saviynt cryptographic module provides core cryptographic functions to the Saviynt Security Manager platform.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3054", "Certificate Number": "3054", "Vendor Name": "SPAWAR Systems Center Pacific", "Module Name": "CryptoSSC", "Module Type": "Software", "Validation Date": "10/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3054.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3054", "detail_available": true, "module_name": "CryptoSSC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CryptoSSC is used to support secure data creation, storage and transport on SSC-PAC developed systems.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3053", "Certificate Number": "3053", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN Series Ethernet Encryptors", "Module Type": "Hardware", "Validation Date": "10/19/201712/08/201702/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3053.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3053", "detail_available": true, "module_name": "CN Series Ethernet Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN4010, CN4020, CN6010 and CN6140 are high-speed hardware encryption platforms that secure data over twisted-pair and optical Ethernet networks. The modules support line rates from 10Mb/s to 10Gb/s. The CN4020, CN6010 and CN6140 are equipped with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES algorithms in CFB, CTR and GCM modes. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3052", "Certificate Number": "3052", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a LC Series", "Module Type": "Hardware", "Validation Date": "10/19/201710/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3052.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3052", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a LC Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a LC Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and CTR_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3051", "Certificate Number": "3051", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN9000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "10/18/201712/07/201702/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3051.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3051", "detail_available": true, "module_name": "CN9000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN9000 Series are high-speed hardware encryption platforms that secure data over optical Ethernet networks. The models included are the CN9100 and CN9120 100G Ethernet Encryptors, operating at line rates of 100Gb/s with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CTR algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3050", "Certificate Number": "3050", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "10/17/201712/08/201702/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3050.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3050", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet and Fibre Channel networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 Ethernet and FC selectable model, operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3049", "Certificate Number": "3049", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet) and ID Quantique SA", "Module Name": "CN8000 Multi-slot Encryptor", "Module Type": "Hardware", "Validation Date": "10/17/201712/08/201702/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3049.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3049", "detail_available": true, "module_name": "CN8000 Multi-slot Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN8000 is a high-speed multi-slot hardware encryption platform that secures data over optical Ethernet and Fibre Channel networks. The CN8000 supports up to 10 high speed encryption slots. Each slot can be configured by the user to support 1-10Gb/s Ethernet or 1-8Gb/s Fibre Channel. The CN8000 module contains removable SFP+ transceivers to provide flexibility in connecting to the physical network. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3048", "Certificate Number": "3048", "Vendor Name": "Symantec, A Division of Broadcom", "Module Name": "Blue Coat Reverse Proxy S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4], S500-20 [5] and S500-30 [6]", "Module Type": "Hardware", "Validation Date": "10/17/201711/16/201701/05/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3048.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3048", "detail_available": true, "module_name": "Blue Coat Reverse Proxy S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4], S500-20 [5] and S500-30 [6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Blue Coat Reverse Proxy appliances provide a termination point where deep inspection for malware and mission-critical policy is applied to inbound traffic. The Reverse Proxy gives organizations the ability to govern traffic and payloads on a wide variety of parameters, including location, devices, clients, software, protocols, and more. It can be used with either public-facing or internally facing web servers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3047", "Certificate Number": "3047", "Vendor Name": "Xirrus, Inc.", "Module Name": "Xirrus XR Series Wi-Fi Products", "Module Type": "Hardware", "Validation Date": "10/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3047.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3047", "detail_available": true, "module_name": "Xirrus XR Series Wi-Fi Products", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in Sections 9 and 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "802.11 wireless LAN Access Points" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3046", "Certificate Number": "3046", "Vendor Name": "Distech Controls Inc.", "Module Name": "Distech Java Cryptographic Module", "Module Type": "Firmware", "Validation Date": "10/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3046.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3046", "detail_available": true, "module_name": "Distech Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "The Distech Java Cryptographic Module provides cryptographic functionality to Distech's series of building management appliances. The module is classified under FIPS 140-2 as a firmware based, multichip-standalone module embodiment.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3045", "Certificate Number": "3045", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3045.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3045", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3044", "Certificate Number": "3044", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3044.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3044", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3043", "Certificate Number": "3043", "Vendor Name": "CA, Inc. dba CA Technologies", "Module Name": "CA Technologies C-Security Kernel", "Module Type": "Software", "Validation Date": "10/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3043.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3043", "detail_available": true, "module_name": "CA Technologies C-Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CA Technologies C-Security Kernel is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "HMAC", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3042", "Certificate Number": "3042", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 100M Ethernet", "Module Type": "Hardware", "Validation Date": "10/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3042.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3042", "detail_available": true, "module_name": "Datacryptor® 100M Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as indicated in Section 1 of the Security Policy with the Point-Point license", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Datacryptor® 100 Mbps Ethernet Layer 2 is rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public Ethernet Layer 2 networks. The Datacryptor® uses 100BaseT ports to connect the host and public sides of the network. The Datacryptor® offers user verification services via ECDSA enabled X.509 v.3 certificates, key management based on a Elliptic Curve Diffie-Hellman key agreement scheme, and AES encryption of data passing over public networks. Management of the Datacryptor® is performed via a remote management interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3041", "Certificate Number": "3041", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "Module Type": "Hardware", "Validation Date": "10/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3041.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3041", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured as indicated in Section 1 of the Security Policy with the Point-Point license", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Datacryptor® 1 Gig Ethernet and 10 Gig Ethernet are rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public Ethernet Layer 2 networks. The 1 Gig and 10 Gig units use an standard SFP/XFP optical transceivers for their host and network connections. The Datacryptor® offers user verification services via ECDSA enabled X.509 v.3 certificates, key management based on a Elliptic Curve Diffie-Hellman key agreement scheme, and AES encryption of data passing over public networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3040", "Certificate Number": "3040", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield Solo XC F2", "Module Type": "Hardware", "Validation Date": "10/10/201711/07/201707/18/201806/03/201903/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3040.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3040", "detail_available": true, "module_name": "nShield Solo XC F2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F2 PCIe card, sold as nShield XC F2 PCIe server-embedded hardware security modules (HSMs) are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield module is FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3039", "Certificate Number": "3039", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV on Cosmo V8.1 - SPE Configurations", "Module Type": "Hardware", "Validation Date": "10/06/201711/09/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3039.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3039", "detail_available": true, "module_name": "ID-One PIV on Cosmo V8.1 - SPE Configurations", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ID-One PIV on Cosmo V8.1 is the next generation of Personal Identification and Verification cards, avalaible in multiple FIPS 140-2 validated configurations. The SPE configurations are extensions to the PIV/CIV configurations where the module enforces the encryption of the PIN when submitted to the module for card holder verification, regardless of the communication interface being used (contact & contactless). The EP (Enhanced Privacy) option added to the default SPE configuration prevents the leaking from the card of any traceable or PII over the contactless interface.", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3038", "Certificate Number": "3038", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server OpenSSL Module", "Module Type": "Software", "Validation Date": "10/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3038.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3038", "detail_available": true, "module_name": "SUSE Linux Enterprise Server OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3037", "Certificate Number": "3037", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Advanced Secure Gateway S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4] and S500-20 [5]", "Module Type": "Hardware", "Validation Date": "10/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3037.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3037", "detail_available": true, "module_name": "Symantec Advanced Secure Gateway S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4] and S500-20 [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Symantec Advanced Secure Gateway combines the functionality of Symantec’s industry-leading ProxySG with the intelligence of the Symantec Content Analysis to offer a single, powerful web security solution that delivers world-class threat protection. The Symantec Advanced Secure Gateway is a scalable proxy designed to secure your web communications and accelerate your business applications. The Gateway’s unique proxy architecture allows it to effectively monitor, control and secure traffic to ensure a safe web and experience.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3036", "Certificate Number": "3036", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei USG 6000 Series Firewall", "Module Type": "Hardware", "Validation Date": "10/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3036.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3036", "detail_available": true, "module_name": "Huawei USG 6000 Series Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei USG6000 Series Firewalls is designed for large- and medium sized enterprises and next-generation data centers. Provide fine-grained service access control and service acceleration through context awareness by Application, Content, Time, User, Attack, or location (ACTUAL). The USG6000 integrates application-layer protection functions, such as Intrusion Prevention System (IPS), anti-virus, and URL filtering with application identification technologies to improve the threat defense efficiency and accuracy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3035", "Certificate Number": "3035", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield Solo XC F3 [1] and nShield Solo XC F3 for nShield Connect XC [2]", "Module Type": "Hardware", "Validation Date": "10/03/201711/07/201707/18/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3035.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3035", "detail_available": true, "module_name": "nShield Solo XC F3 [1] and nShield Solo XC F3 for nShield Connect XC [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3034", "Certificate Number": "3034", "Vendor Name": "Symantec, A Division of Broadcom", "Module Name": "Blue Coat ProxySG S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4], S500-20 [5] and S500-30 [6]", "Module Type": "Hardware", "Validation Date": "10/02/201701/07/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3034.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3034", "detail_available": true, "module_name": "Blue Coat ProxySG S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4], S500-20 [5] and S500-30 [6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Blue Coat ProxySG physical and virtual appliances are the core of Symantec’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging. ProxySG identifies malicious payloads and then filters, strips, blocks or replaces web content to mitigate risks and prevent data loss. The appliances also optimize web and internal application traffic for data, video, cloud and web applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3033", "Certificate Number": "3033", "Vendor Name": "Google, Inc.", "Module Name": "Titan Key", "Module Type": "Hardware", "Validation Date": "10/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3033.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3033", "detail_available": true, "module_name": "Titan Key", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Implemented with Google’s \"Titan\" secure microcontroller and custom firmware, the Titan Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3032", "Certificate Number": "3032", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "09/29/201705/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3032.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3032", "detail_available": true, "module_name": "Oracle Linux 7 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3031", "Certificate Number": "3031", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 6 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "09/29/201706/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3031.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3031", "detail_available": true, "module_name": "Oracle Linux 6 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3030", "Certificate Number": "3030", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 6 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "09/28/201706/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3030.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3030", "detail_available": true, "module_name": "Oracle Linux 6 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3029", "Certificate Number": "3029", "Vendor Name": "Engage Communication, Inc.", "Module Name": "BlackVault HSM", "Module Type": "Hardware", "Validation Date": "09/27/201703/08/201807/03/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3029.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3029", "detail_available": true, "module_name": "BlackVault HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The BlackVault HSM is a portable or embeddable Ethernet attached Hardware Security Module that combines a cryptographically advanced HSM with a Smart Card Reader and integrated touch screen display. The BlackVault HSM is a standards based security module that performs key management and cryptographic operations for: application data, regulatory compliance and critical security systems employed by governments, PKI, and enterprises. Two-factor authentication and administrator roles with M of N prevents unauthorized access to critical security parameters.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3028", "Certificate Number": "3028", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux 7 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "09/27/201705/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3028.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3028", "detail_available": true, "module_name": "Oracle Linux 7 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3027", "Certificate Number": "3027", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto Cryptographic Module", "Module Type": "Software", "Validation Date": "09/25/201710/27/201707/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3027.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3027", "detail_available": true, "module_name": "Samsung SCrypto Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3026", "Certificate Number": "3026", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba 7200 Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3026.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3026", "detail_available": true, "module_name": "Aruba 7200 Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3025", "Certificate Number": "3025", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3025.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3025", "detail_available": true, "module_name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3024", "Certificate Number": "3024", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-224 and AP-225 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3024.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3024", "detail_available": true, "module_name": "Aruba AP-224 and AP-225 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3023", "Certificate Number": "3023", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba RAP-108 and RAP-109 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3023.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3023", "detail_available": true, "module_name": "Aruba RAP-108 and RAP-109 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11n wired and wireless access points offer the highest performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3022", "Certificate Number": "3022", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-214, AP-215, AP-274, AP-275, AP-277 and AP-228 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3022.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3022", "detail_available": true, "module_name": "Aruba AP-214, AP-215, AP-274, AP-275, AP-277 and AP-228 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3021", "Certificate Number": "3021", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-204, AP-205 and AP-205H Wireless Access Points", "Module Type": "Hardware", "Validation Date": "09/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3021.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3021", "detail_available": true, "module_name": "Aruba AP-204, AP-205 and AP-205H Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, the AP 204, 205, & 205H support encrypted management and WPA2 tunneled pass through to Aruba Mobility Controllers. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3020", "Certificate Number": "3020", "Vendor Name": "INTEGRITY Security Services", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Software", "Validation Date": "09/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3020.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3020", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Green Hills Software/INTEGRITY Security Services (ISS) ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3019", "Certificate Number": "3019", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 2 ICSF PKCS #11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "09/21/201702/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3019.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3019", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 2 ICSF PKCS #11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module IBM(R) z/OS(R) Version 2 Release 2 Security Server RACF(R) Signature Verification Module validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3018", "Certificate Number": "3018", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Hewlett Packard Enterprise SSL crypto module", "Module Type": "Software", "Validation Date": "09/21/201703/13/201804/03/201808/29/201810/01/201804/16/201905/22/201907/29/202002/11/202103/11/202103/03/202201/11/202307/11/202312/30/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3018.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3018", "detail_available": true, "module_name": "Hewlett Packard Enterprise SSL crypto module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Hewlett Packard Enterprise SSL crypto module is the FIPS validated OpenSSL cryptographic provider for Hewlett Packard Enterprise components. The module features robust algorithm support including CNSA algorithms. The module provides services for secure communications, secure key management, data integrity and data encryption.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3017", "Certificate Number": "3017", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Linux OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "09/20/201705/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3017.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3017", "detail_available": true, "module_name": "Oracle Linux OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2 approved cryptographic algorithms for general use by vendors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3016", "Certificate Number": "3016", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "09/15/201706/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3016.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3016", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3015", "Certificate Number": "3015", "Vendor Name": "NEC Corporation", "Module Name": "iPASOLINK AES MODEM Card (MODEM-AEH)", "Module Type": "Hardware", "Validation Date": "09/15/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3015.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3015", "detail_available": true, "module_name": "iPASOLINK AES MODEM Card (MODEM-AEH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "iPASOLINK is NEC's most advanced and comprehensive optical and radio converged transport product family, in which iPASOLINK AES MODEM Card is implemented as a cryptographic module. The module provides encryption/decryption services by AES-CTR." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3014", "Certificate Number": "3014", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX+", "Module Type": "Hardware", "Validation Date": "09/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3014.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3014", "detail_available": true, "module_name": "X-Wall MX+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "X-Wall MX+ is a real-time SATA-to-SATA single chip crypto module. It sits between a SATA host and a SATA device and provides in-line 6Gbps AES ECB/CBC/XTS 256-bit cryptographic throughput to the connected SATA disk drive (SSD included), including boot sector, temp files, swap files, and the operating system. X-Wall MX+ is an ASIC (Application Specific Integrated Circuit) that can be populated directly onto either the SATA host or SATA device interface. It is OS independent and doesn’t occupy host CPU and memory resources." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3013", "Certificate Number": "3013", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX+", "Module Type": "Hardware", "Validation Date": "09/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3013.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3013", "detail_available": true, "module_name": "X-Wall MX+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "X-Wall MX+ is a real-time SATA-to-SATA single chip crypto module. It sits between a SATA host and a SATA device and provides in-line 6Gbps AES ECB/CBC/XTS 256-bit cryptographic throughput to the connected SATA disk drive (SSD included), including boot sector, temp files, swap files, and the operating system. X-Wall MX+ is an ASIC (Application Specific Integrated Circuit) that can be populated directly onto either the SATA host or SATA device interface. It is OS independent and doesn’t occupy host CPU and memory resources." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3012", "Certificate Number": "3012", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "09/08/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3012.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3012", "detail_available": true, "module_name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PCKS#12, and other required structures which is shipped with Red Hat Enterprise Linux 7.4." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3011", "Certificate Number": "3011", "Vendor Name": "Comtech EF Data Corporation", "Module Name": "Unified Crypto Module", "Module Type": "Hardware", "Validation Date": "09/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3011.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3011", "detail_available": true, "module_name": "Unified Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Comtech Unified Crypto Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via Comtech Satellite Modems, as well as firmware to provide the cryptographic functions needed to act as a endpoint for secure TLS- and SSH-based management and control traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3010", "Certificate Number": "3010", "Vendor Name": "Attivo Networks Inc.", "Module Name": "Attivo Cryptographic Provider", "Module Type": "Software", "Validation Date": "09/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3010.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3010", "detail_available": true, "module_name": "Attivo Cryptographic Provider", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Attivo Cryptographic Provider is a component of Attivo Networks’ products such as the Attivo Central Manager 200, BOTsink 3200, and BOTsink 5100. These products constitute the Attivo ThreatMatrix Deception and Response Platform which detects stolen credentials, ransomware, and targeted attacks within user networks, data centers, clouds, SCADA, and IoT environments by deceiving attackers into revealing themselves. The detections along with comprehensive attack analysis and actionable alerts empower accelerated incident response.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3009", "Certificate Number": "3009", "Vendor Name": "Amazon Web Services, Inc.", "Module Name": "AWS Key Management Service HSM", "Module Type": "Hardware", "Validation Date": "09/05/201710/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3009.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3009", "detail_available": true, "module_name": "AWS Key Management Service HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Amazon AWS Key Management Service HSM is a multi-chip standalone hardware cryptographic appliance designed to provide dedicated cryptographic functions to meet the security and scalability requirements of the AWS Key Management Service (KMS). The cryptographic boundary is defined as the secure chassis of the appliance. All key materials are maintained exclusively in volatile memory in the appliance and are erased immediately upon detection of physical tampering.", "algorithms": [ "AES", "CVL", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3008", "Certificate Number": "3008", "Vendor Name": "Fatpipe, Inc.", "Module Name": "Fatpipe Crypto Module", "Module Type": "Software", "Validation Date": "08/31/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3008.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3008", "detail_available": true, "module_name": "Fatpipe Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Fatpipe Crypto Module, a patented router clustering device, is an essential part of Disaster Recovery and Business Continuity Planning for Virtual Private Network (VPN) connectivity. It is integrated with several Kernel Space cryptographic algorithms and other security mechanisms" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3007", "Certificate Number": "3007", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Libgcrypt", "Module Type": "Software", "Validation Date": "08/28/201703/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3007.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3007", "detail_available": true, "module_name": "CryptoComply for Libgcrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #2657.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Libgcrypt is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3006", "Certificate Number": "3006", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type C2", "Module Type": "Hardware", "Validation Date": "08/28/201711/09/201704/10/201810/12/201807/16/201910/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3006.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3006", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type C2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3005", "Certificate Number": "3005", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "IPCryptR2", "Module Type": "Hardware", "Validation Date": "08/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3005.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3005", "detail_available": true, "module_name": "IPCryptR2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The IPCryptR2 provides secure key management and data encryption in Astro, Dimetra and Broadband Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3004", "Certificate Number": "3004", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF20SPI", "Module Type": "Hardware", "Validation Date": "08/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3004.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3004", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF20SPI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 1.7 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3003", "Certificate Number": "3003", "Vendor Name": "Bull Atos Technologies", "Module Name": "CHR Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/24/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3003.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3003", "detail_available": true, "module_name": "CHR Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The BULL CHR is a multi-chip standalone security module providing functionality for the secure loading of applications. The CHR is the corner stone of a range of security products developed and signed by BULL as Application Provider and known as \"CRYPT2Protect HR\" and \"CRYPT2Pay HR\" product range available for different domain of applications including Banks and Financial Institutions. Additional products may be developed by Application Providers, based on the CHR." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3002", "Certificate Number": "3002", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexFabric 5700, 5900 and 5920 Switch Series", "Module Type": "Hardware", "Validation Date": "08/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3002.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3002", "detail_available": true, "module_name": "HPE FlexFabric 5700, 5900 and 5920 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity kits installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3001", "Certificate Number": "3001", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type C1", "Module Type": "Hardware", "Validation Date": "08/23/201709/22/201711/16/201712/08/201710/12/201807/16/201910/02/201912/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3001.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3001", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type C1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3000", "Certificate Number": "3000", "Vendor Name": "Siemens Canada Ltd.", "Module Name": "RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server", "Module Type": "Hardware", "Validation Date": "08/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3000.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3000", "detail_available": true, "module_name": "RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The tamper evident seals and baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server are utility-grade, fully-managed Ethernet devices designed to operate reliably in electrically harsh and climatically demanding environments. The devices’ rugged hardware design, coupled with the embedded Rugged Operating System (ROS®) version 4.2.1.F, provides improved system reliability and advanced cybersecurity and networking features. This makes them ideally suited for creating secure Ethernet networks for mission-critical, real-time control applications.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2999", "Certificate Number": "2999", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei R230D, R240D and R250D Remote Radio Units", "Module Type": "Hardware", "Validation Date": "08/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2999.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2999", "detail_available": true, "module_name": "Huawei R230D, R240D and R250D Remote Radio Units", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals and opacity stickers installed as indicated in Section 8 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei R230D, R240D, R250D Remote Radio Units are multi-chip standalone cryptographic modules enclosed in hard, commercial grade metal cases. The cryptographic boundary for these modules is the enclosure. The primary purpose of these modules is to provide secure communication for data transmitted between different networks. The modules provide network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2998", "Certificate Number": "2998", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle ILOM OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "08/18/201708/22/201708/22/201708/17/201808/20/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2998.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2998", "detail_available": true, "module_name": "Oracle ILOM OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Oracle ILOM OpenSSL FIPS Object Module is a software library providing a C language application program interface (API) for use by other processes that require cryptographic functionality and is classified by FIPS 1402 as a software module, multichip standalone module embodiment.", "algorithms": [ "AES", "DRBG", "DSA", "ECDH", "ECDSA", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2997", "Certificate Number": "2997", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for NSS", "Module Type": "Software", "Validation Date": "08/18/201702/07/201803/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2997.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2997", "detail_available": true, "module_name": "CryptoComply for NSS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2711", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for NSS is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2996", "Certificate Number": "2996", "Vendor Name": "Alcatel-Lucent Enterprise USA Inc.", "Module Name": "OmniSwitch AOS 8.3.1.R01 Cryptographic Module", "Module Type": "Software", "Validation Date": "08/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2996.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2996", "detail_available": true, "module_name": "OmniSwitch AOS 8.3.1.R01 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1. When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The AOS Cryptographic Module version 8.3.1.R01 provides cryptographic functionality to Alcatel-Lucent software applications present on the Alcatel-Lucent OmniSwitch series of routers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2995", "Certificate Number": "2995", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point Cryptographic Library", "Module Type": "Firmware", "Validation Date": "08/16/201708/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2995.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2995", "detail_available": true, "module_name": "Check Point Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Section 3 Secure Operation", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Check Point Cryptographic Library is a firmware module that provides cryptographic services to Check Point products. The module provides a number of NIST validated cryptographic algorithms for services such as IPSec and TLS. The module provides applications with a library interface that enables them to access the various cryptographic algorithm functions supplied by the module. For the purposes of FIPS 140-2 testing, the module was evaluated running on the Check Point 12400 appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2994", "Certificate Number": "2994", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AP2030, AP4030, AP4130, AP5030, AP5130, AP6050, AP6150, AP7050 and AP8130 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2994.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2994", "detail_available": true, "module_name": "Huawei AP2030, AP4030, AP4130, AP5030, AP5130, AP6050, AP6150, AP7050 and AP8130 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in Section 5.1 of the Security Policy. The protocol TLS shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei AP AP2030, AP4030, AP4130, AP5030, AP5130, AP6050, AP6150, AP7050 and AP8130 Wireless Access Points are multi-chip standalone cryptographic modules enclosed in hard, commercial grade plastic and metal cases. The cryptographic boundary for these modules is the enclosure. The primary purpose of these modules is to provide secure communication for data transmitted between different networks. The modules provide network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2993", "Certificate Number": "2993", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AD9430DN-12 Wireless Access Device", "Module Type": "Hardware", "Validation Date": "08/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2993.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2993", "detail_available": true, "module_name": "Huawei AD9430DN-12 Wireless Access Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in Section 5.1 of the Security Policy. The protocol TLS shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei AD9430DN-12 Wireless Access Device is a multi-chip standalone cryptographic module enclosed in a hard, commercial grade metal plastic case. The cryptographic boundary for this module is the enclosure. The primary purpose of this module is to provide secure communication for data transmitted between different networks. The module provides network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2992", "Certificate Number": "2992", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AD9430DN-24 Wireless Access Device", "Module Type": "Hardware", "Validation Date": "08/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2992.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2992", "detail_available": true, "module_name": "Huawei AD9430DN-24 Wireless Access Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and baffles installed as indicated in Section 5.1 of the Security Policy. The protocol TLS shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei AD9430DN-24 Wireless Access Device is a multi-chip standalone cryptographic module enclosed in a hard, commercial grade metal case. The cryptographic boundary for this module is the enclosure. The primary purpose of this module is to provide secure communication for data transmitted between different networks. The module provides network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2991", "Certificate Number": "2991", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "08/10/201710/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2991.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2991", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2990", "Certificate Number": "2990", "Vendor Name": "Aruba a Hewlett Packard Enterprise company", "Module Name": "Aruba 2920 Switch Series", "Module Type": "Hardware", "Validation Date": "08/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2990.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2990", "detail_available": true, "module_name": "Aruba 2920 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 11", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba 2920 Switch series is a scalable Basic Layer 3 switch series that delivers modular stacking, static & RIP routing, IPv6, ACLs, and sFlow for a better mobile-first campus network experience. With a powerful ProVision ASIC, the 2920 provides security, scalability, and ease of use for the enterprise campus, SMB, and branch office networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2989", "Certificate Number": "2989", "Vendor Name": "Aruba, a Hewlett Packard Enterprise company", "Module Name": "Aruba AP-324 and AP-325 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2989.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2989", "detail_available": true, "module_name": "Aruba AP-324 and AP-325 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2988", "Certificate Number": "2988", "Vendor Name": "Citrix Systems, Inc.", "Module Name": "Citrix FIPS Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "08/10/201702/07/201908/23/201909/30/202001/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2988.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2988", "detail_available": true, "module_name": "Citrix FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Citrix FIPS Cryptographic Module is a software toolkit which provides various cryptographic functions to support the Citrix product portfolio.", "algorithms": [ "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2987", "Certificate Number": "2987", "Vendor Name": "Trustonic", "Module Name": "TRICX Cryptographic Library", "Module Type": "Software", "Validation Date": "08/10/201707/19/201907/24/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2987.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2987", "detail_available": true, "module_name": "TRICX Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "TRICX is a general-purpose cryptographic library designed to be statically linked with a Trusted Application running on Trustonic's Kinibi operating system in a Trusted Execution Environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2986", "Certificate Number": "2986", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV on Cosmo V8.1", "Module Type": "Hardware", "Validation Date": "08/10/201711/09/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2986.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2986", "detail_available": true, "module_name": "ID-One PIV on Cosmo V8.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ID-One PIV on Cosmo V8.1 is the next generation of Personal Identification and Verification cards. It has an AES-256 Security Architecture and support both contact and contactless communications. It supports all features described in FIPS 201-2, SP800-73-4 and SP800-76-2 including Virtual Contact Interface and fingerprint on-card comparison. It can be used as a Smart Card (PIV/CIV) to provide physical and logical access control, or embedded in a hardware token for Derived Credentials. Its additional SAM capabilities make it the ideal portable HSM for the post-issuance management of PIV cards.", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2985", "Certificate Number": "2985", "Vendor Name": "Technologie Humanware", "Module Name": "HumanWare Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "08/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2985.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2985", "detail_available": true, "module_name": "HumanWare Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Technologie Humanware HumanWare Kernel Cryptographic Module v1.0 is a software module providing cryptographic functionality to the HumanWare BrailleNote Touch. The HumanWare Kernel Cryptographic Module provides data encryption for calling applications on the HumanWare BrailleNote Touch.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KAS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2984", "Certificate Number": "2984", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "08/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2984.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2984", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 4.2 and operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2983", "Certificate Number": "2983", "Vendor Name": "Ixia", "Module Name": "Net Tool Optimizer (NTO) 7303", "Module Type": "Hardware", "Validation Date": "08/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2983.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2983", "detail_available": true, "module_name": "Net Tool Optimizer (NTO) 7303", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Designed to sit between a customer’s network and security tools, the NTO 7303 is a solution that controls the flow of network traffic to destination security devices and applications. The module uses a pool of high-speed data interfaces that are intended to forward different classes of traffic based on filters applied to each interface.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2982", "Certificate Number": "2982", "Vendor Name": "Ixia", "Module Name": "Vision ONE", "Module Type": "Hardware", "Validation Date": "08/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2982.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2982", "detail_available": true, "module_name": "Vision ONE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Designed to sit between a customer’s network and security tools, Vision ONE is a solution that controls the flow of network traffic to destination security devices and applications. The module uses a pool of high-speed data interfaces that are intended to forward different classes of traffic based on filters applied to each interface.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2981", "Certificate Number": "2981", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Cryptographic Java Module", "Module Type": "Software", "Validation Date": "08/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2981.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2981", "detail_available": true, "module_name": "BlackBerry Cryptographic Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Java Module is a software module that provides cryptographic services to BlackBerry products such as the BlackBerry PlayBook Administration Service, and other BlackBerry products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2980", "Certificate Number": "2980", "Vendor Name": "BlackBerry Limited", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "08/01/201707/10/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2980.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2980", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2979", "Certificate Number": "2979", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliances Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2979.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2979", "detail_available": true, "module_name": "Cisco Adaptive Security Appliances Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco Firepower Cryptographic Module validated to FIPS 140-2 under Cert. #2960 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Enterprise-class firewall capabilities for the ASA devices in an array of form factors - standalone appliances tailor-made for small and midsize businesses, midsize appliances for businesses improving security . This solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2978", "Certificate Number": "2978", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu Strongswan Cryptographic Module", "Module Type": "Software", "Validation Date": "07/31/201708/27/201910/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2978.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2978", "detail_available": true, "module_name": "Ubuntu Strongswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Ubuntu OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #2888 operating in FIPS mode and with module Ubuntu Kernel Crypto API Cryptographic Module validated to FIPS140-2 under Cert. #2962 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ubuntu Strongswan Cryptographic Module provides cryptographic services for the Internet Key Exchange (IKE) protocol in the Ubuntu Operating System user space." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2977", "Certificate Number": "2977", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei S7700 Series Switches", "Module Type": "Hardware", "Validation Date": "07/31/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2977.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2977", "detail_available": true, "module_name": "Huawei S7700 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The S7700 Smart Routing Switch (S7700 for short) is a high-end smart routing switch designed for next-generation enterprise networks. The S7700 design is based on Huawei's intelligent multi-layer switching technology to provide intelligent service optimization methods, such as MPLS VPN, traffic analysis, comprehensive QoS policies, controllable multicast, load balancing, and security, in addition to high-performance Layer 2 to Layer 3 switching services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2976", "Certificate Number": "2976", "Vendor Name": "D'Crypt Private Limited", "Module Name": "d’Cryptor® SC", "Module Type": "Hardware", "Validation Date": "07/31/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2976.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2976", "detail_available": true, "module_name": "d’Cryptor® SC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The d'cryptor SC is a single-chip (ASIC) hardware security module designed for high security assurance applications. Its bootloader accepts a firmware image after successful authentication, performs a cryptographic verification of the received image and hands control over to the firmware upon successful verification. The SC can be employed as a secure cryptographic coprocessor in security modules where it provides a secure operational environment and high-performance cryptographic support. The SC supports a multitude of interfaces, including several UARTs, SPIs, I²C and numerous GPIOs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2975", "Certificate Number": "2975", "Vendor Name": "Western Digital Technologies, Inc. HGST, a Western Digital brand", "Module Name": "HGST Ultrastar® SS300 TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "07/28/201709/14/201710/13/201701/11/201802/07/201804/03/201805/16/201806/20/201810/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2975.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2975", "detail_available": true, "module_name": "HGST Ultrastar® SS300 TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "HGST Self-Encrypting TCG Enterprise drives meet or exceed the most demanding performance and security requirements. Ultrastar® SS300 solid-state TCG Enterprise 2.5-inch SAS drives support multiple MLC capacities, the 12 Gbps SAS-3 Interface and multiple Drive Write Day rates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2974", "Certificate Number": "2974", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "07/27/201711/29/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2974.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2974", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2973", "Certificate Number": "2973", "Vendor Name": "Bluechip Systems LLC", "Module Name": "MicroCloud X4", "Module Type": "Hardware", "Validation Date": "07/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2973.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2973", "detail_available": true, "module_name": "MicroCloud X4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "No assurance of the minimum strength of generated keys.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Module is a Linux computer in a microSD form factor, providing hardware isolated cryptographic services to host devices into which it is inserted. Main functions of the Module are Cryptographic Support, User Data Protection, Security Management and Protection of the Security Functionality. The cryptographic boundary is SD bus interface of the microSD.", "algorithms": [ "AES", "HMAC", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2972", "Certificate Number": "2972", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei S5720-SI & S5720-LI Series Switches", "Module Type": "Hardware", "Validation Date": "07/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2972.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2972", "detail_available": true, "module_name": "Huawei S5720-SI & S5720-LI Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy (applies to S5720-52X-LI-AC, S5720-28X-PWR-LI-AC, S5720-12TP-LI-AC and S5720-12TP-PWR-LI-AC).", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The S5720 series Ethernet switches are next-generation energy-saving switches developed by Huawei to meet the demand for high-bandwidth access and Ethernet multi-service aggregation. Based on cutting-edge hardware and Huawei Versatile Routing Platform (VRP) software, the S5720 provides a large switching capacity, high reliability (double power slots and hardware Ethernet OAM), and high-density GE ports to accommodate 10 Gbit/s upstream transmissions. The S5720 is available in a lite (LI) series, a standard (SI) series, an enhanced (EI) series, and a hyper (HI) series." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2971", "Certificate Number": "2971", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei S5720-EI Series Switches", "Module Type": "Hardware", "Validation Date": "07/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2971.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2971", "detail_available": true, "module_name": "Huawei S5720-EI Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The S5720 series Ethernet switches are next-generation energy-saving switches developed by Huawei to meet the demand for high-bandwidth access and Ethernet multi-service aggregation. Based on cutting-edge hardware and Huawei Versatile Routing Platform (VRP) software, the S5720 provides a large switching capacity, high reliability (double power slots and hardware Ethernet OAM), and high-density GE ports to accommodate 10 Gbit/s upstream transmissions. The S5720 is available in a lite (LI) series, a standard (SI) series, an enhanced (EI) series, and a hyper (HI) series." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2970", "Certificate Number": "2970", "Vendor Name": "Gemalto", "Module Name": "Prime PIV v2.1 Applet on TOP DL V2.1 platform", "Module Type": "Firmware-Hybrid", "Validation Date": "07/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2970.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2970", "detail_available": true, "module_name": "Prime PIV v2.1 Applet on TOP DL V2.1 platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Single Chip", "description": "« Prime PIV v2.1 » is a FIPS201-2 smart card running on TOP DL V2.1 platform, which complies with the latest version of NIST SP800-73-4 and NIST SP800-85A-4. The product can be used over Contact and Contactless interfaces (ISO 7816 & 14443). Algorithms have been optimized to comply with NIST SP800-78-4 (AES CMAC for OPACITY secure messaging).", "algorithms": [ "AES", "DES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2968", "Certificate Number": "2968", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AR2240, AR3260 and AR169FGVW-L Series Routers", "Module Type": "Hardware", "Validation Date": "07/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2968.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2968", "detail_available": true, "module_name": "Huawei AR2240, AR3260 and AR169FGVW-L Series Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocols IKEv1 and SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "ARs are located between an enterprise network and a public network, functioning as the only ingress and egress for data transmitted between the two networks. The deployment of various network services over the ARs reduces operation & maintenance (O&M) costs as well as those associated with establishing an enterprise network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2967", "Certificate Number": "2967", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2967.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2967", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2966", "Certificate Number": "2966", "Vendor Name": "Allegro Software Development Corporation", "Module Name": "Allegro Cryptographic Engine", "Module Type": "Software", "Validation Date": "07/20/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2966.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2966", "detail_available": true, "module_name": "Allegro Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Allegro’s suite of Embedded Device Security toolkits makes embedding standards-based security protocols into resource sensitive embedded systems and consumer electronics fast, easy and reliable. The Allegro Cryptographic Engine (ACE) is a cryptographic library module specifically engineered for embedded devices. The module provides embedded systems developers with an easily understood software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation and key generation and exchange. For full details see www.allegrosoft.com/ace.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2965", "Certificate Number": "2965", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "IMS3-SM", "Module Type": "Hardware", "Validation Date": "07/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2965.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2965", "detail_available": true, "module_name": "IMS3-SM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IMS3-SM is the module that contains the Security Manager present in the Dolby Laboratories, Inc. IMS3000 (for hardware models IMS3-41, IMS3-42, IMS3-43) that can be hosted inside D-Cinema DLP projectors. It supports highest JPEG-2000 decoding capabilities and accepts alternative content as well." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2964", "Certificate Number": "2964", "Vendor Name": "Google, Inc.", "Module Name": "BoringCrypto", "Module Type": "Software", "Validation Date": "07/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2964.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2964", "detail_available": true, "module_name": "BoringCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2963", "Certificate Number": "2963", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® He¹² and Ultrastar® DC HC 520 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "07/18/201708/31/201710/04/201701/10/201807/27/201808/17/201801/31/201903/04/201904/30/201906/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2963.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2963", "detail_available": true, "module_name": "Ultrastar® He¹² and Ultrastar® DC HC 520 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Self-encrypting Ultrastar® He¹² and Ultrastar® DC HC520 TCG Enterprise HDDs, from Western Digital, meet or exceed the most demanding performance and security requirements. They incorporate fourth-generation HelioSeal® technology, use PMR technology and are the industry's first 12TB drive that is drop-in ready for any enterprise-capacity application or environment. Targeted at 2.5M hours MTBF, the Ultrastar He¹² and Ultrastar DC HC520 provide the highest reliability rating available of all HDDs on the market today. They build on the design success of their 10TB, 8TB and 6TB predecessors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2962", "Certificate Number": "2962", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "07/18/201703/24/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2962.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2962", "detail_available": true, "module_name": "Ubuntu Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ubuntu Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2961", "Certificate Number": "2961", "Vendor Name": "128 Technology", "Module Name": "128 Technology Cryptographic Module", "Module Type": "Software", "Validation Date": "07/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2961.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2961", "detail_available": true, "module_name": "128 Technology Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The 128T Networking Platform is a software-based, distributed routing and network services solution. The 128T Networking Platform uses Secure Vector Routing to simplify network architectures and provide fine-grained, end-to-end control and visibility. 128T runs on general-purpose computer and allows a wide range of deployment models - from remote branch offices to high-capacity network edges to hyper-scale data centers. The platform enables greater security and agility by distributing intelligence throughout the network - without disrupting your existing network infrastructure. The 128 Tech", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2960", "Certificate Number": "2960", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Cryptographic Module", "Module Type": "Firmware", "Validation Date": "07/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2960.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2960", "detail_available": true, "module_name": "Cisco Firepower Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module is designed to help you handle network traffic in a way that complies with your organization's security policy for protecting your network. The system can affect the flow of traffic using access control, which allows you to specify, in a granular fashion, how to handle the traffic entering, exiting, and traversing your network. All the information gathered from it can be used to filter and control that traffic.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2959", "Certificate Number": "2959", "Vendor Name": "Infineon Technologies AG", "Module Name": "Trusted Platform Module 2.0 SLB 9660/SLB 9665/SLB 9670", "Module Type": "Hardware", "Validation Date": "07/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2959.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2959", "detail_available": true, "module_name": "Trusted Platform Module 2.0 SLB 9660/SLB 9665/SLB 9670", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode as specified in Security Policy Sections 1.1 and 8.1", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TPM is a single chip module that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality in e-commerce and internet communications within a Trusted Computing Platform. The TPM is a complete solution implementing the Trusted Platform Module Library Specification, Family \"2.0\", Level 00, Revision 01.16, October 2014 (ISO/IEC 11889:2015, Parts 1-4). See http://www.trustedcomputinggroup.org/ for further information on TCG and TPM.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2958", "Certificate Number": "2958", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard Access Control Cryptographic Module", "Module Type": "Software", "Validation Date": "07/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2958.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2958", "detail_available": true, "module_name": "Lenel OnGuard Access Control Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with [(Windows 10 Cryptographic Primitives Library (BCRYPT) validated to FIPS 140-2 under Cert. #2606 operating in FIPS mode), (Windows Server 2012 R2 and Windows 8.1 Cryptographic Primitives Library (BCRYPT) validated to FIPS 140-2 under Cert. #2357 operating in FIPS mode), or (Windows 8 and Windows Server 2012 Cryptographic Primitives Library (BCRYPT) validated to FIPS 140-2 under Cert. #1892 operating in FIPS mode)]", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Lenel OnGuard Access Control Cryptographic Module's primary purpose is to provide secure communications with external access control devices. The module is part of the Lenel's advanced access control and alarm monitoring system which is built on an open architecture platform and offers unlimited scalability, database segmentation, fault tolerance, and biometrics and smart card support. The Lenel advanced access control and alarm monitoring system is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957", "Certificate Number": "2957", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Corporation Windows Embedded Compact Enhanced Cryptographic Provider 7.00.2872 and Microsoft Corporation Windows Embedded Compact Enhanced Cryptographic Provider 8.00.6246", "Module Type": "Software", "Validation Date": "07/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2957.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957", "detail_available": true, "module_name": "Microsoft Corporation Windows Embedded Compact Enhanced Cryptographic Provider 7.00.2872 and Microsoft Corporation Windows Embedded Compact Enhanced Cryptographic Provider 8.00.6246", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Microsoft Windows CE and Windows Mobile Enhanced Cryptographic Provider (RSAENH) is a general-purpose, software-based, cryptographic module for Windows CE and Windows Mobile. It can be dynamically linked into applications by software developers to permit the use of general-purpose cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956", "Certificate Number": "2956", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "07/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956", "detail_available": true, "module_name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module. The primitive provider functionality is offered through one cryptographic module, BCRYPT.DLL (versions 7.00.2872 and 8.00.6246), subject to FIPS 140-2 validation. BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Embedded Compact 7 and 2013 components and applications running on Windows Embedded Compact 7 and 2013." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2955", "Certificate Number": "2955", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexNetwork 7500 and HPE FlexFabric 7900 and 12904 Switch Series", "Module Type": "Hardware", "Validation Date": "07/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2955.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2955", "detail_available": true, "module_name": "HPE FlexNetwork 7500 and HPE FlexFabric 7900 and 12904 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2954", "Certificate Number": "2954", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexNetwork MSR1000, MSR2000, MSR3000 and MSR4000 Router Series", "Module Type": "Hardware", "Validation Date": "07/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2954.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2954", "detail_available": true, "module_name": "HPE FlexNetwork MSR1000, MSR2000, MSR3000 and MSR4000 Router Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2953", "Certificate Number": "2953", "Vendor Name": "Attivo Networks Inc.", "Module Name": "Attivo Cryptographic Module", "Module Type": "Software", "Validation Date": "07/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2953.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2953", "detail_available": true, "module_name": "Attivo Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Attivo Cryptographic Module is a component of Attivo Networks’ products such as the Attivo Central Manager 200, BOTsink 3200, and BOTsink 5100. These products constitute the Attivo ThreatMatrix Deception and Response Platform which detects stolen credentials, ransomware, and targeted attacks within user networks, data centers, clouds, SCADA, and IoT environments by deceiving attackers into revealing themselves. The detections along with comprehensive attack analysis and actionable alerts empower accelerated incident response.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2952", "Certificate Number": "2952", "Vendor Name": "Singlewire Software", "Module Name": "InformaCast Java Crypto Library", "Module Type": "Software", "Validation Date": "07/07/201705/15/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2952.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2952", "detail_available": true, "module_name": "InformaCast Java Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2804", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "InformaCast transforms devices on your network into a powerful system for IP paging and emergency alerting. InformaCast contains Java libraries that feature robust FIPS 140-2 validated algorithm support.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2951", "Certificate Number": "2951", "Vendor Name": "Singlewire Software", "Module Name": "InformaCast C Crypto Library", "Module Type": "Software", "Validation Date": "07/07/201703/03/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2951.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2951", "detail_available": true, "module_name": "InformaCast C Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "InformaCast transforms devices on your network into a powerful system for IP paging and emergency alerting. InformaCast contains C libraries that feature robust FIPS 140-2 validated algorithm support.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2950", "Certificate Number": "2950", "Vendor Name": "Hypersecu Information Systems Inc.", "Module Name": "HyperPKI™ HYP2003", "Module Type": "Hardware", "Validation Date": "07/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2950.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2950", "detail_available": true, "module_name": "HyperPKI™ HYP2003", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "HyperPKI™ HYP2003 token is a portable two-factor USB token advanced with smart card technology. HYP2003 utilizes digital certificate based technologies to generate and store credentials, such as private keys, passwords and digital certificates inside the secured smart card chip. It is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2949", "Certificate Number": "2949", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Aruba 5400R zl2 Switch Series", "Module Type": "Hardware", "Validation Date": "07/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2949.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2949", "detail_available": true, "module_name": "Aruba 5400R zl2 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 11", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HP 5400 Switch series consists of Layer 2/3/4 switches which support integrated advanced capabilities in chassis (6-slot and 12-slot) form factor and offer maximum flexibility, life time warranty and lowered TCO." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2948", "Certificate Number": "2948", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways with Junos 15.1X49-D75", "Module Type": "Hardware", "Validation Date": "07/06/201707/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2948.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2948", "detail_available": true, "module_name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways with Junos 15.1X49-D75", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks® SRX5400, SRX5600, and SRX5800 Services Gateways are next-gen intelligent security platforms ideally suited for service provider, large enterprise, and public sector networks. Based on a revolutionary architecture offering superior protection, performance, scalability, services integration, and six nines of carrier-grade reliability the SRX5000 series are custom designed to deliver the highest level of protection incorporating advanced services such as application security, Unified Threat Management (UTM), Intrusion Prevention (IPS), and integrated threat intelligence.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2947", "Certificate Number": "2947", "Vendor Name": "NCoded Communications LLC", "Module Name": "NCoded Cryptographic Mobile Module", "Module Type": "Software", "Validation Date": "07/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2947.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2947", "detail_available": true, "module_name": "NCoded Cryptographic Mobile Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NCoded Cryptographic Mobile (NCM) Module is a standards-based \"Drop-in Compliance\" cryptographic engine for mobile devices. The module delivers core cryptographic functions to the mobile devices and features robust algorithm support, including Suite B algorithms. NCM offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2945", "Certificate Number": "2945", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Crypto Engine", "Module Type": "Hardware", "Validation Date": "06/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2945.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2945", "detail_available": true, "module_name": "TCT Crypto Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Crypto Engine high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2944", "Certificate Number": "2944", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Random Number Generator", "Module Type": "Hardware", "Validation Date": "06/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2944.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2944", "detail_available": true, "module_name": "TCT Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2943", "Certificate Number": "2943", "Vendor Name": "TCL Communication Ltd.", "Module Name": "TCT Crypto Engine Core", "Module Type": "Hardware", "Validation Date": "06/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2943.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2943", "detail_available": true, "module_name": "TCT Crypto Engine Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TCT Crypto Engine Core is a general purpose cryptographic hardware engine capable of securely processing various confidentiality and integrity algorithms across multiple execution environments" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2942", "Certificate Number": "2942", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.2", "Module Type": "Software-Hybrid", "Validation Date": "06/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2942.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2942", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The hardware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2941", "Certificate Number": "2941", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield Solo XC F3 [1] and nShield Solo XC F3 for nShield Connect XC [2]", "Module Type": "Hardware", "Validation Date": "06/23/201711/07/201708/07/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2941.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2941", "detail_available": true, "module_name": "nShield Solo XC F3 [1] and nShield Solo XC F3 for nShield Connect XC [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in Section 5.2.3 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 3 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2940", "Certificate Number": "2940", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexNetwork 10500 and HPE FlexFabric 12500 and 12900 Switch Series", "Module Type": "Hardware", "Validation Date": "06/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2940.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2940", "detail_available": true, "module_name": "HPE FlexNetwork 10500 and HPE FlexFabric 12500 and 12900 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity kits installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2939", "Certificate Number": "2939", "Vendor Name": "NCoded Communications LLC", "Module Name": "NCoded Cryptographic Server Module", "Module Type": "Software", "Validation Date": "06/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2939.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2939", "detail_available": true, "module_name": "NCoded Cryptographic Server Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "NCoded Cryptographic Server Module is a standards-based \"Drop-in Compliance\" cryptographic engine for servers and appliances. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. NCoded Cryptographic Server Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938", "Certificate Number": "2938", "Vendor Name": "Microsoft Corporation", "Module Name": "Secure Kernel Code Integrity (skci.dll) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "01/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938", "detail_available": true, "module_name": "Secure Kernel Code Integrity (skci.dll) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 under Cert. #2935 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937", "Certificate Number": "2937", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201708/09/201903/04/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937", "detail_available": true, "module_name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the modules Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 under Cert. #2935 or #3510 operating in FIPS mode and Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2936 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936", "Certificate Number": "2936", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201708/07/201909/01/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2932 or #3502 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2933 or #3501 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935", "Certificate Number": "2935", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201701/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2932 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2933 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934", "Certificate Number": "2934", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Dump Filter (dumpfve.sys) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201701/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934", "detail_available": true, "module_name": "BitLocker® Dump Filter (dumpfve.sys) in Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65) under Cert. #2935 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Dump Filter (dumpfve.sys) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933", "Certificate Number": "2933", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "Module Type": "Software", "Validation Date": "01/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2931 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932", "Certificate Number": "2932", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201709/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2931 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931", "Certificate Number": "2931", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "Module Type": "Software", "Validation Date": "01/26/201709/01/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2930", "Certificate Number": "2930", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexNetwork 5130EI, 5130HI, 5510HI and FlexFabric 5930 Switch Series", "Module Type": "Hardware", "Validation Date": "06/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2930.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2930", "detail_available": true, "module_name": "HPE FlexNetwork 5130EI, 5130HI, 5510HI and FlexFabric 5930 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2929", "Certificate Number": "2929", "Vendor Name": "DataLocker Inc.", "Module Name": "Sentry - Encrypted USB Flash Drive", "Module Type": "Hardware", "Validation Date": "06/21/201706/18/201808/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2929.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2929", "detail_available": true, "module_name": "Sentry - Encrypted USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Sentry - Encrypted USB Flash Drive is a Secure USB 3.0 flash drive with 256-bit AES hardware encryption and PKI operations combined with strong, built-in password protection capabilities to help control user access to sensitive data and critical applications. The Sentry - Encrypted USB Flash Drive allows enterprise class device management features like policy updates, password recovery and remote kill features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2928", "Certificate Number": "2928", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "Kingston DataTraveler 2000", "Module Type": "Hardware", "Validation Date": "06/20/201707/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2928.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2928", "detail_available": true, "module_name": "Kingston DataTraveler 2000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "This validation entry is rebranding from Cert. #2688", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Kingston DataTraveler 2000 Secure USB Flash Drive (\"Kingston DT2000\" or \"DT2000\") is an encrypted storage device that provides a secure way to store and transfer data. User authentication is self-contained via an on-board keypad. User data is protected by hardware-based 256-bit AES encryption to secure sensitive information in the event that the drive is lost or stolen." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2927", "Certificate Number": "2927", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "HPE FlexNetwork MSR3024 Router Series", "Module Type": "Hardware", "Validation Date": "06/20/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2927.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2927", "detail_available": true, "module_name": "HPE FlexNetwork MSR3024 Router Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HPE Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HPE Comware Software, Version 7.1.045 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2926", "Certificate Number": "2926", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways", "Module Type": "Hardware", "Validation Date": "06/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2926.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2926", "detail_available": true, "module_name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2925", "Certificate Number": "2925", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AC6605 Wireless Access Controller", "Module Type": "Hardware", "Validation Date": "06/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2925.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2925", "detail_available": true, "module_name": "Huawei AC6605 Wireless Access Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals and external baffles installed as indicated in the Security Policy. The protocols IKEv1, SNMP and TLS shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei Access Controller (AC) are multi-chip standalone cryptographic modules enclosed in hard, commercial grade metal cases. The cryptographic boundary for these modules is the enclosure. The primary purpose of these modules is to handle the configuration of wireless access-points. The modules provide network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2924", "Certificate Number": "2924", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AC6005 Wireless Access Controller", "Module Type": "Hardware", "Validation Date": "06/19/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2924.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2924", "detail_available": true, "module_name": "Huawei AC6005 Wireless Access Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocols IKE, SNMP and TLS shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Huawei Access Controller (AC) are multi-chip standalone cryptographic modules enclosed in hard, commercial grade metal cases. The cryptographic boundary for these modules is the enclosure. The primary purpose of these modules is to handle the configuration of wireless access-points. The modules provide network interfaces for data input and output." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2923", "Certificate Number": "2923", "Vendor Name": "Symantec Corporation", "Module Name": "Security Analytics Appliance (Models: SA-S500-10-CM, SA-S500-20-FA, SA-S500-30-FA, and SA-S500-40-FA)", "Module Type": "Hardware", "Validation Date": "06/19/201706/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2923.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2923", "detail_available": true, "module_name": "Security Analytics Appliance (Models: SA-S500-10-CM, SA-S500-20-FA, SA-S500-30-FA, and SA-S500-40-FA)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured as specified in Section 3.1 and tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Analytics Appliances (SA-S500-10-CM, SA-S500-20-FA, SA-S500-30-FA, and SA-S500-40-FA) are part of Symantec’s Incident Response and Forensics solutions. The appliances harness the Security Analytics software to capture, enrich and reconstruct all network traffic (including full packets) in real time. The appliances can be deployed anywhere in the network to deliver clear, actionable intelligence for swift incident response and resolution and real-time network forensics.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2922", "Certificate Number": "2922", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI", "Module Type": "Hardware", "Validation Date": "06/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2922.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2922", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2921", "Certificate Number": "2921", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways", "Module Type": "Hardware", "Validation Date": "06/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2921.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2921", "detail_available": true, "module_name": "Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "KTS", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2920", "Certificate Number": "2920", "Vendor Name": "NXP Semiconductors", "Module Name": "NXP JCOP 3 SecID P60 OSA", "Module Type": "Hardware", "Validation Date": "06/14/201711/29/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2920.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2920", "detail_available": true, "module_name": "NXP JCOP 3 SecID P60 OSA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "NXP Semiconductors offers JCOP, a secure Java Card Operating System based on several independent 3rd party specifications, such as Java Card 3.0.4 specifications, the GlobalPlatform card specifications 2.2.1 and few International Organization for Standards (like ISO7816), EMV (Europay, MasterCard and VISA) and others. By adhering to these standards JCOP 3 SECID P60 ensures large interoperability with third-party applets providers, card issuers as well as all existing Smart Card infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2919", "Certificate Number": "2919", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "Module Type": "Hardware", "Validation Date": "06/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2919.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2919", "detail_available": true, "module_name": "Cisco Firepower 4100 and Cisco Firepower 9300 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #2898 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Next generation security services platforms capable of running multiple security services simultaneously. Providing firewall (NGFW), traffic management Cisco Firepower 4100 Series is a family of four threat threat-focused NGFW security platforms. While the Cisco Firepower 9300 is a scalable carrier-grade, modular platform designed for service providers, high-performance computing centers. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2918", "Certificate Number": "2918", "Vendor Name": "Viptela", "Module Name": "Viptela Cryptographic Module", "Module Type": "Software", "Validation Date": "05/30/201706/02/201703/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2918.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2918", "detail_available": true, "module_name": "Viptela Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Viptela Cryptographic Module is a fundamental component of Viptela's security functionality. It is used for authentication of users and devices as well as to provide high scalability data protection for Software Defined Wide Area Networks (SD-WANs).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2917", "Certificate Number": "2917", "Vendor Name": "Futurex", "Module Name": "GSP3000 Hardware Security Module", "Module Type": "Hardware", "Validation Date": "05/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2917.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2917", "detail_available": true, "module_name": "GSP3000 Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The GSP3000 is a general purpose cryptographic module incorporated into multiple Futurex products to ensure data confidentiality, integrity, and authenticity. It is designed to meet and exceed compliance mandates and security best practices in environments requiring enterprise-class protection for sensitive information." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2916", "Certificate Number": "2916", "Vendor Name": "Kaspersky Lab UK Ltd.", "Module Name": "Kaspersky Cryptographic Module (Pre-Boot)", "Module Type": "Software", "Validation Date": "05/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2916.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2916", "detail_available": true, "module_name": "Kaspersky Cryptographic Module (Pre-Boot)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kaspersky Cryptographic Module (Pre-Boot) is a set of software libraries that provide cryptographic services for Kaspersky Lab FDE solution in pre-boot environment.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2915", "Certificate Number": "2915", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Hewlett Packard Enterprise libgcrypt Crypto Module", "Module Type": "Software", "Validation Date": "05/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2915.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2915", "detail_available": true, "module_name": "Hewlett Packard Enterprise libgcrypt Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #2657.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hewlett Packard Enterprise libgcrypt Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Hewlett Packard Enterprise components." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2914", "Certificate Number": "2914", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei S6720EI Series Switches", "Module Type": "Hardware", "Validation Date": "05/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2914.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2914", "detail_available": true, "module_name": "Huawei S6720EI Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The S6720 has industry-leading performance and provides up to 24 or 48 line-speed 10GE ports. It can be used in a data center to provide 10 Gbit/s access to servers or function as a core switch on a campus network to provide 10 Gbit/s traffic aggregation. In addition, the S6720 provides a wide variety of services, comprehensive security policies, and various QoS features to help customers build scalable, manageable, reliable, and secure data centers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2913", "Certificate Number": "2913", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Loadable Kernel Module", "Module Type": "Software", "Validation Date": "05/24/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2913.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2913", "detail_available": true, "module_name": "Mocana Cryptographic Loadable Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mocana Cryptographic Loadable Kernel Module (Software Version 6.4.1f) is a software only, multi-chip standalone cryptographic module that runs on a general purpose computer. The primary purpose of this module is to provide FIPS Approved cryptographic routines to consuming applications via an Application Programming Interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2912", "Certificate Number": "2912", "Vendor Name": "EMC Corporation", "Module Name": "Unity 12 Gb/s SAS I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "05/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2912.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2912", "detail_available": true, "module_name": "Unity 12 Gb/s SAS I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The EMC Unity 12 Gb/s SAS I/O Module with Encryption is a high-density SAS controller chipset executing specialized firmware that provides Data At Rest Encryption (D@RE) for EMC Unity storage arrays. It implements 256-bit AES-XTS encryption/decryption to encrypt and decrypt data as it is being written to or read from a SAS drive. The two variants are the Storage Processor SAS Module variant which is embedded on the printed circuit board (PCB) of the Storage Processor and the Pluggable I/O SAS Module variant which is embedded on the PCB of a pluggable I/O Module.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2911", "Certificate Number": "2911", "Vendor Name": "F5 Networks", "Module Name": "Cryptographic Module for BIG-IP®", "Module Type": "Software", "Validation Date": "05/15/201706/06/201810/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2911.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2911", "detail_available": true, "module_name": "Cryptographic Module for BIG-IP®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cryptographic library offering various cryptographic mechanisms to BIG-IP® Virtual Edition." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2910", "Certificate Number": "2910", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei S12700 Series Switches", "Module Type": "Hardware", "Validation Date": "05/15/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2910.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2910", "detail_available": true, "module_name": "Huawei S12700 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Huawei S12700 series agile switches are core switches designed for next-generation campus networks. Using a fully programmable switching architecture, the S12700 series allows fast, flexible function customization and supports a smooth evolution to software-defined networking (SDN) The S12700 series uses Huawei Ethernet Network Processor (ENP) and provides native wireless access controller (AC) to help build a wired and wireless converged network. Its uniform user management capabilities deliver refined user and service management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2909", "Certificate Number": "2909", "Vendor Name": "Arista Networks, Inc.", "Module Name": "Arista EOS Crypto Module v1.0", "Module Type": "Software", "Validation Date": "05/15/201701/28/201907/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2909.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2909", "detail_available": true, "module_name": "Arista EOS Crypto Module v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2908", "Certificate Number": "2908", "Vendor Name": "Hewlett Packard Enterprise", "Module Name": "Hewlett Packard Enterprise NSS Crypto Module", "Module Type": "Software", "Validation Date": "05/13/201705/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2908.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2908", "detail_available": true, "module_name": "Hewlett Packard Enterprise NSS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2711.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Hewlett Packard Enterprise NSS Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for Hewlett Packard Enterprise components.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2907", "Certificate Number": "2907", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "05/10/201708/09/201903/23/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2907.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2907", "detail_available": true, "module_name": "Ubuntu OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Ubuntu OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #2888 [1][2] and #3725 [3] operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ubuntu OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2906", "Certificate Number": "2906", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "05/10/201708/09/201903/23/202110/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2906.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2906", "detail_available": true, "module_name": "Ubuntu OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Ubuntu OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #2888 [1][2] and #3725 [3] operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ubuntu OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2905", "Certificate Number": "2905", "Vendor Name": "Becrypt Limited", "Module Name": "Becrypt Cryptographic Library", "Module Type": "Software-Hybrid", "Validation Date": "05/10/201704/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2905.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2905", "detail_available": true, "module_name": "Becrypt Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Becrypt Cryptographic Library provides core cryptographic functionality for Becrypt's security products providing a capability to develop complex and flexible security applications that require cryptographic functionality for pre-OS (16-bit), 32-bit and 64-bit operating environments.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2904", "Certificate Number": "2904", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® NetIron® CER 2000 Series Ethernet Routers and Brocade NetIron® CES 2000 Series Ethernet Switches", "Module Type": "Hardware", "Validation Date": "05/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2904.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2904", "detail_available": true, "module_name": "Brocade® NetIron® CER 2000 Series Ethernet Routers and Brocade NetIron® CES 2000 Series Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and configured as specified in Section 12 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high-performance Ethernet edge routing and MPLS applications. The Brocade NetIron CES2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2903", "Certificate Number": "2903", "Vendor Name": "Toshiba Memory Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type B1", "Module Type": "Hardware", "Validation Date": "05/10/201709/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2903.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2903", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type B1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2902", "Certificate Number": "2902", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "Module Type": "Software", "Validation Date": "05/09/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2902.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2902", "detail_available": true, "module_name": "Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The virtualized offering of the Cisco FirePOWER next-generation IPS (NGIPS) solution providing the Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. This virtualized highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2901", "Certificate Number": "2901", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei AR1200 and AR2200 Series Routers", "Module Type": "Hardware", "Validation Date": "05/08/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2901.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2901", "detail_available": true, "module_name": "Huawei AR1200 and AR2200 Series Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocols IKEv1 and SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "ARs are located between an enterprise network and a public network, functioning as the only ingress and egress for data transmitted between the two networks. The deployment of various network services over the ARs reduces operation & maintenance (O&M) costs as well as those associated with establishing an enterprise network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2900", "Certificate Number": "2900", "Vendor Name": "SAP SE", "Module Name": "SAP CommonCryptoLib Crypto Kernel", "Module Type": "Software", "Validation Date": "05/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2900.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2900", "detail_available": true, "module_name": "SAP CommonCryptoLib Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SAP CommonCryptoLib Crypto Kernel v8.4.47.0 is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions.", "algorithms": [ "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2899", "Certificate Number": "2899", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "Module Type": "Software", "Validation Date": "05/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2899.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2899", "detail_available": true, "module_name": "Cisco Firepower Management Center Virtual (FMCv) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Firepower Management Center Virtual working like the Firepower Management Center appliance aggregates and correlates network traffic information and performance data, assessing the impact of events on particular hosts. You can monitor the information that your device reports, and assess and control the overall activity that occurs on your network. The FMCv also controls the network management features on your devices: switching, routing, NAT and VPN.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2898", "Certificate Number": "2898", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/04/201705/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2898.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2898", "detail_available": true, "module_name": "Cisco ASA Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The market-leading Cisco ASA delivering robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA provides comprehensive security, performance, and reliability for network environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2897", "Certificate Number": "2897", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Firepower Management Center Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "05/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2897.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2897", "detail_available": true, "module_name": "Cisco Firepower Management Center Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Firepower Management Center provides complete and unified management over firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection, easily go from managing a firewall to controlling applications to investigating and remediating malware outbreaks. You can monitor the information that your device reports, and assess and control the overall activity that occurs on your network. The FMC also controls the network management features on your devices: switching, routing, NAT and VPN.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2896", "Certificate Number": "2896", "Vendor Name": "Pulse Secure, LLC", "Module Name": "Pulse Secure Cryptographic Module", "Module Type": "Software", "Validation Date": "05/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2896.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2896", "detail_available": true, "module_name": "Pulse Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Pulse Secure's portfolio delivers Secure Access solutions for people, devices, things and services. It includes Pulse Connect Secure - the most reliable and feature rich VPN, Pulse Policy Secure - powerful Network Access Control (NAC) with granular network visibility and access control, Pulse Workspace - simplified enterprise mobility management (EMM), Pulse One - centralized management, and the Pulse Unified Client - a single client to connest them all. Together they provide users with secure remote, campus, mobile, and cloud access based on their role, identity, device and location.", "algorithms": [ "AES", "CVL", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2895", "Certificate Number": "2895", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1532e/i, 1552e/i, 1572 EAC, 1602e/i, 1702i, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p, 3702e/i/p and IW3702-2E/4E Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "05/02/201705/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2895.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2895", "detail_available": true, "module_name": "Cisco Aironet 1532e/i, 1552e/i, 1572 EAC, 1602e/i, 1702i, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p, 3702e/i/p and IW3702-2E/4E Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2894", "Certificate Number": "2894", "Vendor Name": "General Dynamics Mission Systems", "Module Name": "Fortress Mesh Points", "Module Type": "Hardware", "Validation Date": "04/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2894.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2894", "detail_available": true, "module_name": "Fortress Mesh Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocols SNMP and TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2893", "Certificate Number": "2893", "Vendor Name": "Panasonic Corporation", "Module Name": "Panasonic Cryptographic Module", "Module Type": "Software", "Validation Date": "04/27/201712/09/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2893.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2893", "detail_available": true, "module_name": "Panasonic Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Panasonic Cryptographic Module provides high performance cryptographic processing for embedded devices.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2892", "Certificate Number": "2892", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN9000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "04/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2892.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2892", "detail_available": true, "module_name": "CN9000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN9000 Series Encryptors are high-speed hardware encryption platforms that secure data over optical Ethernet networks. The model included is the CN9100 100G Ethernet Encryptor, operating at a line rate of 100Gb/s. Data privacy is provided by FIPS approved AES CTR algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2891", "Certificate Number": "2891", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Application Encryption Module", "Module Type": "Software", "Validation Date": "04/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2891.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2891", "detail_available": true, "module_name": "Vormetric Application Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 10 of the Security Policy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Vormetric Application Encryption is a library to simplify integrating application-level encryption into existing corporate applications. The application encryption library provides a set of documented standard-based APIs used to perform cryptographic and encryption key management operations. The innovative product design enables developers to choose to standard AES encryption or schema maintaining Format Preserving Encryption (FPE). Vormetric Application Encryption removes the complexity and risk of implementing an in-house encryption and key management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2890", "Certificate Number": "2890", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/25/201703/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2890.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2890", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2889", "Certificate Number": "2889", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1562 e/i/d/ps, 2802 e/i and 3802 e/i/p Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "04/25/201709/24/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2889.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2889", "detail_available": true, "module_name": "Cisco Aironet 1562 e/i/d/ps, 2802 e/i and 3802 e/i/p Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2888", "Certificate Number": "2888", "Vendor Name": "Canonical Ltd.", "Module Name": "Ubuntu OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "04/24/201706/06/201702/27/202010/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2888.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2888", "detail_available": true, "module_name": "Ubuntu OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2887", "Certificate Number": "2887", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-VM Virtual Appliance", "Module Type": "Software", "Validation Date": "04/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2887.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2887", "detail_available": true, "module_name": "FortiGate-VM Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. There is no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate-VM appliances are software modules designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor and FortiOS 5.2. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2885", "Certificate Number": "2885", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWall v11.4 EX6000, EX7000, EX9000, SMA 6200, SMA 7200", "Module Type": "Hardware", "Validation Date": "04/19/201706/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2885.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2885", "detail_available": true, "module_name": "SonicWall v11.4 EX6000, EX7000, EX9000, SMA 6200, SMA 7200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured as specified in Section 8 and tamper-evident seals installed as indicated in the Security Policy and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SonicWall Software SRA EX6000, SMA 6200, SRA EX7000, SMA 7200 and SRA EX9000 are part of the SonicWall Security Solution Enterprise product family. They provide hardware appliance based VPN Virtual Private Network mobile access solutions to a wide variety of end user devices including Microsoft Windows, Apple OSX, Linux, Apple iOS, Google Android and Google Chromebook among others." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2884", "Certificate Number": "2884", "Vendor Name": "Mercury Systems, Inc.", "Module Name": "Mercury Systems ASURRE-Stor™ SSD", "Module Type": "Hardware", "Validation Date": "04/19/201712/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2884.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2884", "detail_available": true, "module_name": "Mercury Systems ASURRE-Stor™ SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Mercury Systems ASURRE-Stor™ SSD implements an industry standard 2.5\" secure solid state hard drive. Unlike many secure SSDs, the ASURRE-Stor™ SSD does not depend on a TPM device, TCG, or OPAL to implement security. Instead the ASURRE-Stor™ SSD implements security using AES-256 XTS encryption and several key management techniques that are compatible with the ATA specification. These techniques provide superior and flexible solutions for mission critical defense applications and have no requirements for unencrypted shadow MBR sectors or 3rd party OPAL software.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KDF", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2883", "Certificate Number": "2883", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "04/18/201705/23/201711/09/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2883.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2883", "detail_available": true, "module_name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar C15K600 series are 12Gbs SAS, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2882", "Certificate Number": "2882", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2882.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2882", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2881", "Certificate Number": "2881", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYCOS 3.0 microSDHC™ TrustedFlash Module", "Module Type": "Hardware", "Validation Date": "04/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2881.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2881", "detail_available": true, "module_name": "SPYCOS 3.0 microSDHC™ TrustedFlash Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The SPYCOS 3.0 microSDHC™ TrustedFlash Module integrates a FIPS 140-2 Level 3 PKI hardware security module employing efficient elliptic curve cryptography with a hardware-based AES 256-bit encrypted flash for secure user data storage. It provides high assurance hardware encryption services to protect data at rest and the authentication services for strong two-factor authentication for any network or cloud service." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2880", "Certificate Number": "2880", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar® C10K1800 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "04/11/201705/23/201706/01/201708/15/201709/11/201711/09/201706/12/201810/12/201803/07/201905/22/202009/02/202006/09/202112/14/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2880.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2880", "detail_available": true, "module_name": "HGST Ultrastar® C10K1800 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 7.2 of the Security Policy and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar C10K1800 series are 12Gbs SAS, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2879", "Certificate Number": "2879", "Vendor Name": "Barco n.v.", "Module Name": "Barco ICMP", "Module Type": "Hardware", "Validation Date": "04/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2879.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2879", "detail_available": true, "module_name": "Barco ICMP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "DCI compliant Barco integrated Image Media Block." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2878", "Certificate Number": "2878", "Vendor Name": "Axon Enterprise, Inc", "Module Name": "Axon Cryptographic Module", "Module Type": "Software", "Validation Date": "04/06/201703/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2878.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2878", "detail_available": true, "module_name": "Axon Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Axon Cryptographic Module is a software cryptographic module that provides core cryptographic functions for secure key management, data integrity, and secure communications to Axon cloud based services.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2877", "Certificate Number": "2877", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "WatchGuard Firebox T10[1], T10-W[2], T30[3], T30-W[4], T50[5], T50-W[6]", "Module Type": "Hardware", "Validation Date": "04/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2877.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2877", "detail_available": true, "module_name": "WatchGuard Firebox T10[1], T10-W[2], T30[3], T30-W[4], T50[5], T50-W[6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WatchGuard® Firebox appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need. And the FIREBOX appliances are completely configurable - turn on or off components and services to fit different network security deployment requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2876", "Certificate Number": "2876", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "KMF/Wave/Traffic CryptR", "Module Type": "Hardware", "Validation Date": "04/06/201704/25/201803/15/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2876.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2876", "detail_available": true, "module_name": "KMF/Wave/Traffic CryptR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The KMF/Wave/Traffic CryptR provides encryption and decryption services for secure key management, Over-the-Air-Rekeying (OTAR), secure data traffics, and secure voice traffics for the Motorola’s Key Management Facility (KMF) and the Motorola's Wave Systems. The KMF and KMF CryptR combine to provide cryptographic services for Motorola’s APCO-25 compliant Astro™ radio systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2875", "Certificate Number": "2875", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint C Cryptographic Module", "Module Type": "Software", "Validation Date": "04/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2875.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2875", "detail_available": true, "module_name": "Forcepoint C Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS in mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #1747", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Forcepoint produces a family of web, e-mail and data security solutions that can be deployed on pre-configured, security hardened hardware or as customer installable software. The Forcepoint C Crypto Module provides support for cryptographic and secure communications services for these solutions.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2874", "Certificate Number": "2874", "Vendor Name": "Barracuda Networks", "Module Name": "Barracuda KTINA FIPS Crypto Module", "Module Type": "Software", "Validation Date": "04/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2874.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2874", "detail_available": true, "module_name": "Barracuda KTINA FIPS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with the module \"Barracuda Cryptographic Software Module\" validated to FIPS 140-2 under Cert. #2458", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Barracuda KTINA FIPS Crypto Module is a Linux kernel module library that provides fundamental cryptographic functions for applications in Barracuda security products that require FIPS 140-2 approved cryptographic functions.", "algorithms": [ "AES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2873", "Certificate Number": "2873", "Vendor Name": "Dell EMC", "Module Name": "VMAX 6 Gb/s SAS I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "04/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2873.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2873", "detail_available": true, "module_name": "VMAX 6 Gb/s SAS I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Dell EMC Data at Rest Encryption provides hardware-based, on-array, back-end encryption for Dell EMC storage systems, including the Symmetrix VMAX. Data at Rest Encryption protects information from unauthorized access when drives are physically removed from the system and also offers a convenient means of decommissioning all drives in the system at once. Dell EMC 6Gb/s SAS I/O modules implement AES-XTS 256-bit encryption on all drives in the system. These modules encrypt and decrypt data as it is being written to or read from a drive." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2871", "Certificate Number": "2871", "Vendor Name": "Dell EMC", "Module Name": "VMAX 12 Gb/s SAS I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "03/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2871.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2871", "detail_available": true, "module_name": "VMAX 12 Gb/s SAS I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Dell EMC Data at Rest Encryption provides hardware-based, on-array, back-end encryption for Dell EMC storage systems, including VMAX. Data at Rest Encryption protects information from unauthorized access when drives are physically removed from the system and also offers a convenient means of decommissioning all drives in the system at once. Dell EMC 12Gb/s SAS I/O modules implement AES-XTS 256-bit encryption on all drives in the system. These modules encrypt and decrypt data as it is being written to or read from a drive." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2870", "Certificate Number": "2870", "Vendor Name": "INTEGRITY Security Services", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Firmware", "Validation Date": "03/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2870.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2870", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 2.4.1 of the Security Policy. No assurance of the minimum strength of generated keys.", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "Green Hills Software/INTEGRITY Security Services (ISS) ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2869", "Certificate Number": "2869", "Vendor Name": "Aviat Networks, Inc.", "Module Name": "Aviat Networks Eclipse Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/27/201703/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2869.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2869", "detail_available": true, "module_name": "Aviat Networks Eclipse Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. Installation of components shall be configured per Section 2.2.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "This cryptographic module performs encryption of data carried over a microwave radio link." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2868", "Certificate Number": "2868", "Vendor Name": "Tavve Software Company", "Module Name": "Tavve Cryptographic Module", "Module Type": "Software", "Validation Date": "03/24/201703/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2868.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2868", "detail_available": true, "module_name": "Tavve Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2804.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Tavve Cryptographic Module provides cryptographic functions for Tavve's ZoneRanger and Ranger Gateway applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2867", "Certificate Number": "2867", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HPE LTO-6 Tape Drive", "Module Type": "Hardware", "Validation Date": "03/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2867.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2867", "detail_available": true, "module_name": "HPE LTO-6 Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and initialized to Overall Level 1 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "HP LTO-6 tape drives help to keep pace with data growth with up to 6.25TB compressed data storage per cartridge and capable of compressed data transfer rates of up to 400MB/sec. Ground breaking LTFS technology makes LTO-6 tapes as easy to use as disk and enables easy file access, reliable long term archive retrieval and simpler transportability between systems. LTO-6 tape drives also provide easy-to-enable security to protect the most sensitive data and prevent unauthorized access of tape cartridges with AES 256-bit hardware data encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2866", "Certificate Number": "2866", "Vendor Name": "VMware, Inc.", "Module Name": "VMware Java JCE (Java Cryptographic Extension) Module", "Module Type": "Software", "Validation Date": "03/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2866.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2866", "detail_available": true, "module_name": "VMware Java JCE (Java Cryptographic Extension) Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware Java JCE (Java Cryptographic Extension) Module is a software cryptographic module based on the Legion of the Bouncy Castle Inc. FIPS Java API (BC-FJA) Module (SW Version 1.0.0). The module is a software library that provides cryptographic functions to various VMware applications via a well-defined Java-language application program interface (API).", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2865", "Certificate Number": "2865", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 and 6520 FC Switches, and 7800 Extension Switch", "Module Type": "Hardware", "Validation Date": "03/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2865.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2865", "detail_available": true, "module_name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 and 6520 FC Switches, and 7800 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 and 6520 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2864", "Certificate Number": "2864", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe® Series Ethernet Routers, Brocade® NetIron® CER 2000 Series Ethernet Routers and Brocade NetIron® CES 2000 Series Ethernet Switches", "Module Type": "Hardware", "Validation Date": "03/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2864.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2864", "detail_available": true, "module_name": "Brocade® MLXe® Series Ethernet Routers, Brocade® NetIron® CER 2000 Series Ethernet Routers and Brocade NetIron® CES 2000 Series Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and configured as specified in Section 14 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high performance Ethernet edge routing and MPLS applications.The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor. Brocade MLXe Series routers feature industry-leading Gigabit Ethernet ports with wire-speed density; advanced Layer 2 switching; rich IPv4, IPv6, Multi-VRF, MPLS, L2/L3 Virtual Private Networks (VPN),IKEv2/IPsec and PHY based MACsec capabilities without compromising performance.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2863", "Certificate Number": "2863", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "WatchGuard Firebox M200[1], M300[2], M400[3], M500[4], M440[5], M4600[6], M5600[7]", "Module Type": "Hardware", "Validation Date": "03/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2863.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2863", "detail_available": true, "module_name": "WatchGuard Firebox M200[1], M300[2], M400[3], M500[4], M440[5], M4600[6], M5600[7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WatchGuard® Firebox appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need. And the FIREBOX appliances are completely configurable - turn on or off components and services to fit different network security deployment requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2862", "Certificate Number": "2862", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "03/10/201712/14/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2862.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2862", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Utimaco Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2861", "Certificate Number": "2861", "Vendor Name": "Dell, Inc.", "Module Name": "Dell Crypto Library for Dell iDRAC, Dell CMC and Dell OME-M", "Module Type": "Software", "Validation Date": "03/15/201701/30/201809/10/201801/28/201902/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2861.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2861", "detail_available": true, "module_name": "Dell Crypto Library for Dell iDRAC, Dell CMC and Dell OME-M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is rebranding from Cert. #2496. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Dell Cryptographic Module v2.4 is used within various Dell products including the Dell iDRAC8 and Dell CMC. The Integrated Dell Remote Access Controller 8 (Dell iDRAC8) is designed to improve the overall manageability and availability of Dell PowerEdge Servers. The Dell Chassis Management Controller (Dell CMC) is a systems management component designed to manage one or more Dell PowerEdge Systems containing Blade Servers.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2860", "Certificate Number": "2860", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign HSM Appliance", "Module Type": "Hardware", "Validation Date": "03/08/201710/03/201704/10/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2860.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2860", "detail_available": true, "module_name": "DocuSign HSM Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "DocuSign HSM Appliance is a high-performance cryptographic service provider. It performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, Triple-DES MAC, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2859", "Certificate Number": "2859", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "03/08/201706/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2859.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2859", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2858", "Certificate Number": "2858", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola GGM 8000 Gateway", "Module Type": "Hardware", "Validation Date": "03/08/201706/01/201806/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2858.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2858", "detail_available": true, "module_name": "Motorola GGM 8000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "GGM 8000 devices are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, GGM 8000 perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal packet forwarding functions, the GGM 8000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2857", "Certificate Number": "2857", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Network Router (MNR) S6000", "Module Type": "Hardware", "Validation Date": "03/08/201706/01/201806/08/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2857.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2857", "detail_available": true, "module_name": "Motorola Network Router (MNR) S6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "MNR S6000 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S6000 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S6000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2856", "Certificate Number": "2856", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, and SRX650 Services Gateways", "Module Type": "Hardware", "Validation Date": "03/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2856.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2856", "detail_available": true, "module_name": "Juniper Networks SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, and SRX650 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2855", "Certificate Number": "2855", "Vendor Name": "Automation Solutions, Inc (AUTOSOL)", "Module Name": "CryptoMod", "Module Type": "Hardware", "Validation Date": "03/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2855.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2855", "detail_available": true, "module_name": "CryptoMod", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "AutoSol’s CryptoMod is an end-point security device that protects data exchanged between remote industrial field devices and a centralized SCADA host. Installed in front of equipment, the CryptoMod encrypts traffic for the entire length of an industrial network. It provides authentication for controlling network access, integrity when data is in motion, and confidentiality. It is a CSA Class 1 Div. 2 Gr. ABCD device and a terminal server, so it can fit any existing industrial network. It has a hardware watchdog timer and the capability for remote configuration, management, and updates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2854", "Certificate Number": "2854", "Vendor Name": "EFJohnson Technologies", "Module Name": "Communication Cryptographic Library (CCL)", "Module Type": "Software", "Validation Date": "03/02/201706/28/201804/28/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2854.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2854", "detail_available": true, "module_name": "Communication Cryptographic Library (CCL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The CCL is a dynamically linked library implemented using the C programming language with an external Java interface. Application developers wishing to use the CCL can use the CCL's Application Programming Interface (API) to perform AES, ECDSA, HMAC, DRBG, SHA256 and SHA512 security related functions. It also includes non-validated legacy services to support DES encryption while operating in the Non-Approved mode of operation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2853", "Certificate Number": "2853", "Vendor Name": "Kaspersky Lab UK Ltd.", "Module Name": "Kaspersky Cryptographic Module (User Mode)", "Module Type": "Software", "Validation Date": "03/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2853.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2853", "detail_available": true, "module_name": "Kaspersky Cryptographic Module (User Mode)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kaspersky Cryptographic Module (User Mode) is a software library that provides cryptographic services for various Kaspersky Lab applications. The module is provided as a user-mode DLL.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2852", "Certificate Number": "2852", "Vendor Name": "CTERA Networks Ltd.", "Module Name": "CTERA Crypto Module™ (Java)", "Module Type": "Software", "Validation Date": "03/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2852.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2852", "detail_available": true, "module_name": "CTERA Crypto Module™ (Java)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2804.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CTERA Crypto Module™ (Java) is a secure cryptographic engine used by CTERA Enterprise File Services Platform. The platform enables organizations to securely sync, serve and protect data on any private or public cloud infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2851", "Certificate Number": "2851", "Vendor Name": "United States Special Operations Command (USSOCOM)", "Module Name": "Suite B Cryptographic Module", "Module Type": "Software", "Validation Date": "02/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2851.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2851", "detail_available": true, "module_name": "Suite B Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2357 operating in FIPS mode or BlackBerry OS Cryptographic Library validated to FIPS 140-2 under Cert. #1578 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2850", "Certificate Number": "2850", "Vendor Name": "Cavium Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "02/27/201702/28/201704/04/201708/04/201708/31/201711/09/201702/21/201803/15/201803/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2850.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2850", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2849", "Certificate Number": "2849", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Messaging Gateway Cryptographic Module", "Module Type": "Software", "Validation Date": "02/27/201704/16/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2849.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2849", "detail_available": true, "module_name": "Symantec Messaging Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Symantec Messaging Gateway Cryptographic Module provides cryptographic functions for the Messaging Gateway platforms software. The module's logical cryptographic boundary is the shared library files and their integrity check HMAC files. The module is a multi-chip standalone embodiment installed on a General Purpose Device. All operations of the module occur via calls from host applications and their respective internal daemons/processes. As such there are no untrusted services calling the services of the module.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KAS", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2848", "Certificate Number": "2848", "Vendor Name": "Micron Technology, Inc.", "Module Name": "MICRON 1100 SSD", "Module Type": "Hardware", "Validation Date": "02/23/201703/07/201704/27/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2848.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2848", "detail_available": true, "module_name": "MICRON 1100 SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The MICRON 1100 SSD is a multi-chip embedded device which provides hardware AES 256 encryption/decryption of user data that is stored in the NAND flash. The cryptographic module (CM) supports the SATA interface and is compliant with the Trusted Computing Group (TCG) SSC specification Opal.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2847", "Certificate Number": "2847", "Vendor Name": "Digital Guardian, Inc.", "Module Name": "Verdasys Secure Cryptographic Module", "Module Type": "Software", "Validation Date": "02/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2847.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2847", "detail_available": true, "module_name": "Verdasys Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1607", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Verdasys Secure Cryptographic Module, VSEC.SYS, is a software module that provides cryptographic services for Digital Guardian's DG Agent for Windows endpoint products. The Verdasys Secure Cryptographic Module is leveraged in a variety of functions including securing communication, protecting agent components, and file encryption.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2846", "Certificate Number": "2846", "Vendor Name": "Prometheus Security Group Global", "Module Name": "Talon™ Multi-Function Security Appliance", "Module Type": "Hardware", "Validation Date": "02/22/201704/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2846.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2846", "detail_available": true, "module_name": "Talon™ Multi-Function Security Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Talon provides ultra-high securtiy standards compliant approach to delivery of high definition real time video, control signaling and physical security data over an IP network. Meeting stringent government encryption and data validation standards, the end user can rest assured that their sensitive data is reliably transported and securely delivered. The device offers an unrivaled level of security and is not susceptible to spoofing or snooping. The product delivers all these features at a price point lower than existing solutions which would require multiple technology combinations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2845", "Certificate Number": "2845", "Vendor Name": "LG Electronics, Inc.", "Module Name": "LG Kernel Loadable Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "02/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2845.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2845", "detail_available": true, "module_name": "LG Kernel Loadable Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The LG Kernel Cryptographic Module is a software library located within the operating system kernel providing a C-language application program interface (API) for use by user and kernel applications that require cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2844", "Certificate Number": "2844", "Vendor Name": "Centrify Corporation", "Module Name": "Centrify Cryptographic Module", "Module Type": "Software", "Validation Date": "02/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2844.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2844", "detail_available": true, "module_name": "Centrify Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized, and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Centrify Cryptographic Module is a general purpose cryptographic library. The Centrify Cryptographic Module provides the cryptographic services for all Centrify products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2843", "Certificate Number": "2843", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena 6500 Flex3 WaveLogic 3e OCLD Encryption Module", "Module Type": "Hardware", "Validation Date": "02/20/201702/22/201805/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2843.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2843", "detail_available": true, "module_name": "Ciena 6500 Flex3 WaveLogic 3e OCLD Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Ciena 6500 Packet-Optical Platform Flex3 WaveLogic 3e OCLD Encryption Module offers an integrated transport encryption solution providing protocol-agnostic 100Gb/s or 200Gb/s wirespeed encryption service for enterprises, datacenters, government and also offered through service providers as differentiated managed service.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2842", "Certificate Number": "2842", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor NS-7100, NS-7200 and NS-7300", "Module Type": "Hardware", "Validation Date": "02/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2842.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2842", "detail_available": true, "module_name": "Network Security Platform Sensor NS-7100, NS-7200 and NS-7300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2841", "Certificate Number": "2841", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliance (ASA) Virtual", "Module Type": "Software", "Validation Date": "02/15/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2841.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2841", "detail_available": true, "module_name": "Cisco Adaptive Security Appliance (ASA) Virtual", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA Virtual Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2840", "Certificate Number": "2840", "Vendor Name": "Arxan Technologies", "Module Name": "Arxan Cryptographic Key & Data Protection", "Module Type": "Software", "Validation Date": "02/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2840.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2840", "detail_available": true, "module_name": "Arxan Cryptographic Key & Data Protection", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Arxan Cryptographic Key & Data Protection solution implements state-of-the-art Whitebox Cryptography to protect Crypto Keys and Data (at-rest, in-transit & in-use). It transforms crypto keys and data so neither can be discovered statically in the application or in runtime memory. Arxan Cryptographic Key & Data Protection offers strongest security, broader platform support, with better performance, smaller footprint and easier integration. It provides all the major crypto algorithms and features required to protect sensitive keys and data in hostile or untrusted operational environments.", "algorithms": [ "AES", "CVL", "DES", "ECDSA", "HMAC", "KAS", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2839", "Certificate Number": "2839", "Vendor Name": "VMware, Inc.", "Module Name": "VMware OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "02/14/201702/22/201704/10/201810/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2839.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2839", "detail_available": true, "module_name": "VMware OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware OpenSSL FIPS Object Module provides cryptographic functions to various VMware applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2838", "Certificate Number": "2838", "Vendor Name": "Mitsubishi Space Software Co., Ltd.", "Module Name": "Command Encryption Module", "Module Type": "Firmware", "Validation Date": "02/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2838.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2838", "detail_available": true, "module_name": "Command Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and Windows Firewall Advanced Security Version 6.1 configured as specified in Section 11 of the Security Policy with tamper evident seals (part number: MSS-FIPS-16-500) installed as indicated in Section 5 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2837", "Certificate Number": "2837", "Vendor Name": "IBM Corporation", "Module Name": "IBM Java JCE FIPS 140-2 Cryptographic Module with CPACF", "Module Type": "Software-Hybrid", "Validation Date": "02/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2837.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2837", "detail_available": true, "module_name": "IBM Java JCE FIPS 140-2 Cryptographic Module with CPACF", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2836", "Certificate Number": "2836", "Vendor Name": "Chunghwa Telecom Co., Ltd. and NXP Semiconductors", "Module Name": "HiCOS PKI Applet and Taiwan TWNID Applet on NXP JCOP 3 SecID P60 (OSA)", "Module Type": "Hardware", "Validation Date": "02/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2836.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2836", "detail_available": true, "module_name": "HiCOS PKI Applet and Taiwan TWNID Applet on NXP JCOP 3 SecID P60 (OSA)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The Taiwan TID Applet is a Javacard applet that stores personal information related to the user. It allows governmental organizations to retrieve pieces of data. The HiCOS PKI Applet is a Javacard applet that provides security for stored user data and credentials and an easy to use interface to PKI services (i.e., for strong authentication, encryption and digital signatures)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2835", "Certificate Number": "2835", "Vendor Name": "Apricorn, Inc.", "Module Name": "Apricorn FIPS Module 140-2", "Module Type": "Hardware", "Validation Date": "02/08/201703/10/201707/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2835.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2835", "detail_available": true, "module_name": "Apricorn FIPS Module 140-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The FIPS 140-2 Module is a complete encryption system that provides USB 3.1 interface to any SATA media. The boundary includes all CSPs including seed generation, RNG, code storage & all encryption functions. No CSPs leave the boundary for improved security. Its software free design allows interface to any host that supports USB & mass storage. The module supports 1 Admin & 4 users, brute force, recovery PINs, 7-16 digit PINs, auto lock, read only, etc. & is compatible with Apricorn’s Aegis Configurator. The FIPS 140-2 Module is used in Aegis Fortress, Padlock DT FIPS & Padlock SSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2834", "Certificate Number": "2834", "Vendor Name": "Apricorn, Inc.", "Module Name": "Aegis Secure Key 3.0 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/07/201703/10/201703/27/201705/09/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2834.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2834", "detail_available": true, "module_name": "Aegis Secure Key 3.0 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Apricorn Aegis Secure Key 3.0 is a hardware encrypted USB 3.1 memory key. Its software free design allows interface to any host that supports USB and mass storage. Authentication is performed via the embedded keypad and all critical security parameters (PINs, encryption keys, etc) never leave the device boundary for improved security. The device supports 1 administrator and 1 user and offers a variety of features including programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2833", "Certificate Number": "2833", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba VMC-TACT Series Virtual Controllers with ArubaOS FIPS Firmware", "Module Type": "Firmware", "Validation Date": "02/03/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2833.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2833", "detail_available": true, "module_name": "Aruba VMC-TACT Series Virtual Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba Networks Virtual Mobility Controller (VMC) is a virtualized network device that serves as a gateway between wired and wireless networks and provides command-and-control over Access Points (APs) within an Aruba dependent wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2832", "Certificate Number": "2832", "Vendor Name": "Apple Inc.", "Module Name": "Apple macOS CoreCrypto Module, v7.0", "Module Type": "Software", "Validation Date": "02/02/201703/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2832.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2832", "detail_available": true, "module_name": "Apple macOS CoreCrypto Module, v7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple macOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2831", "Certificate Number": "2831", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle StorageTek T10000D Tape Drive", "Module Type": "Hardware", "Validation Date": "02/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2831.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2831", "detail_available": true, "module_name": "Oracle StorageTek T10000D Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. The StorageTek T10000D Tape Drive delivers the world's fastest write speeds up to 8.5 TB of magnetic tape storage; making it ideal for data center operations with growing volumes. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Oracle Key Manager to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2830", "Certificate Number": "2830", "Vendor Name": "Apple Inc.", "Module Name": "Apple macOS CoreCrypto Kernel Module, v7.0", "Module Type": "Software", "Validation Date": "02/01/201703/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2830.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2830", "detail_available": true, "module_name": "Apple macOS CoreCrypto Kernel Module, v7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple macOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2829", "Certificate Number": "2829", "Vendor Name": "IBM Corporation", "Module Name": "IBM® z/OS® Version 2 Release 1 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "02/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2829.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2829", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 1 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules IBM(R) z/OS(R) Version 2 Release 1 Security Server RACF(R) Signature Verification Module version 1.0 validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode and IBM(R) z/OS(R) Version 2 Release 1 ICSF PKCS #11 Cryptographic Module validated to FIPS 140-2 under Cert. #2763 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "z/OS® System SSL provides a rich set of C based application programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2828", "Certificate Number": "2828", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Kernel Module v7.0", "Module Type": "Software", "Validation Date": "02/01/201703/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2828.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2828", "detail_available": true, "module_name": "Apple iOS CoreCrypto Kernel Module v7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2827", "Certificate Number": "2827", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Module v7.0", "Module Type": "Software", "Validation Date": "02/01/201703/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2827.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2827", "detail_available": true, "module_name": "Apple iOS CoreCrypto Module v7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple iOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2826", "Certificate Number": "2826", "Vendor Name": "DataLocker Inc.", "Module Name": "DataLocker H350", "Module Type": "Hardware", "Validation Date": "01/31/201707/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2826.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2826", "detail_available": true, "module_name": "DataLocker H350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the Read-Only drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "DataLocker H350 is a secure USB hard disk drive with 256-bit AES encryption and PKI operations combined with advanced authentication and policy management capabilities to help organizations control user access to sensitive data. DataLocker H350 allows enterprise management features like password recovery and remote kill." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2825", "Certificate Number": "2825", "Vendor Name": "Gemalto", "Module Name": "eToken 5110", "Module Type": "Hardware", "Validation Date": "01/30/201703/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2825.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2825", "detail_available": true, "module_name": "eToken 5110", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SafeNet eToken 5110 FIPS is a portable two-factor USB authenticator with advanced smart card technology. It utilizes certificate based technology to generate and store credentials, such as private keys, passwords and digital certificates inside the protected environment of the smart card chip. To authenticate, users must supply both their personal SafeNet authenticator and password, providing a critical second level of security beyond simple passwords to protect valuable digital business.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2824", "Certificate Number": "2824", "Vendor Name": "Apricorn, Inc.", "Module Name": "Aegis Secure Key 3Z Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/30/201703/10/201703/27/201705/02/201712/06/201804/16/201906/13/201907/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2824.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2824", "detail_available": true, "module_name": "Aegis Secure Key 3Z Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in Section 11.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Apricorn’s Aegis Secure Key 3z is a hardware encrypted USB 3.1 memory key. Its software-free design works with any host that supports USB and mass storage compliant. Authentication is performed via the embedded keypad & all CSPs (PINs, encryption keys, etc) never leave the device boundary for improved security. The 3z supports 1 admin and 1 user, has no factory default PINs (requires Force Enrollment upon first use) and offers a variety of features including programmable brute force, recovery PINs, 7-16 digit PIN, auto lock, read only modes, and is compatible with Apricorn’s Aegis Configurator" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2823", "Certificate Number": "2823", "Vendor Name": "UnaliWear, Inc.", "Module Name": "Kanega Watch", "Module Type": "Software", "Validation Date": "01/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2823.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2823", "detail_available": true, "module_name": "Kanega Watch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Kanega Watch is a cryptography software library.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2822", "Certificate Number": "2822", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type B", "Module Type": "Hardware", "Validation Date": "01/25/201702/22/201705/02/201709/27/201710/26/201701/28/201907/24/201910/02/201906/09/202009/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2822.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2822", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2821", "Certificate Number": "2821", "Vendor Name": "Symantec Corporation", "Module Name": "SSL Visibility Appliance", "Module Type": "Hardware", "Validation Date": "01/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2821.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2821", "detail_available": true, "module_name": "SSL Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to \"inspect\" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2820", "Certificate Number": "2820", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Adaptive Security Appliances", "Module Type": "Hardware", "Validation Date": "01/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2820.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2820", "detail_available": true, "module_name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Adaptive Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2819", "Certificate Number": "2819", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type A", "Module Type": "Hardware", "Validation Date": "01/19/201709/26/201701/28/201907/24/201910/02/201906/09/202009/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2819.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2819", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX05S model) Type A", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2818", "Certificate Number": "2818", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Service Module (SM)", "Module Type": "Hardware", "Validation Date": "01/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2818.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2818", "detail_available": true, "module_name": "Cisco ASA Service Module (SM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The Cisco ASA Service Module (SM) provides comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2817", "Certificate Number": "2817", "Vendor Name": "Intelligent Waves", "Module Name": "Hypori FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "01/13/201711/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2817.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2817", "detail_available": true, "module_name": "Hypori FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #1747", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Re-brand of OpenSSL Version 2.0.10 running in Hypori Virtual Device", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2816", "Certificate Number": "2816", "Vendor Name": "Microwave Networks Inc.", "Module Name": "Proteus MX Licensed Band Radio Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2816.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2816", "detail_available": true, "module_name": "Proteus MX Licensed Band Radio Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The module is a cryptographic device enclosed in a plug-in chassis that provides mux/demux and mod/dmod functions along with optional payload encryption for a line of license band point-to-point radios.", "algorithms": [ "DES", "DSA", "HMAC", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2814", "Certificate Number": "2814", "Vendor Name": "Utimaco IS GmbH", "Module Name": "CryptoServer Se-Series Gen2", "Module Type": "Hardware", "Validation Date": "01/11/201701/25/201702/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2814.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2814", "detail_available": true, "module_name": "CryptoServer Se-Series Gen2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The CryptoServer Se-Series Gen2 Version 5.01.2.0 and 5.01.4.0 is an encapsulated protected security module which is realized as a multi-chip embedded cryptographic module as defined in FIPS 140-2. It's realization meets the overall FIPS 140-2 Level 3 requirements. The primary purpose of this module is to provide secure cryptographic services such as encryption or decryption, hashing, signing and verification of data, random number generation, on-board secure key generation, key storage and further key management functions in a tamper-protected environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2813", "Certificate Number": "2813", "Vendor Name": "Gemalto SA", "Module Name": "TOPDLv2.1 Platform", "Module Type": "Hardware", "Validation Date": "01/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2813.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2813", "detail_available": true, "module_name": "TOPDLv2.1 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "TOPDLv2.1 is a part of Gemalto's TOPDL family of Java Cards and offers a comprehensive array of features and options for logical and physical access control applications. TOPDLv2.1 is a highly secure platform for private and public sector smart card deployments implementing Java Card 2.2.2 and Global Platform 2.1.1/2.2 Amdt D specifications with both contact and contactless interfaces. TOPDLv2.1 is ideally suited for markets such as Identity or Security/Access, including one-time password authentication, Public Key Infrastructure (PKI) services, digital transactions and physical access control", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2812", "Certificate Number": "2812", "Vendor Name": "Symantec Corporation", "Module Name": "SSL Visibility Appliance", "Module Type": "Hardware", "Validation Date": "01/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2812.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2812", "detail_available": true, "module_name": "SSL Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to \"inspect\" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2811", "Certificate Number": "2811", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a Series", "Module Type": "Hardware", "Validation Date": "01/05/201707/24/201910/04/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2811.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2811", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Rules Section of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM1633a Series are a high-performance Self-Encrypting SSDs supporting SAS 12G Interface that provides on-the-fly encryption/decryption of user data without performance loss. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and CTR_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2810", "Certificate Number": "2810", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "EX4300 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "12/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2810.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2810", "detail_available": true, "module_name": "EX4300 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks EX4300 Ethernet Switches combine the carrier-class reliability of modular systems with the economics of stackable platforms, delivering a high-performance, scalable solution for data center and campus office environments. Offering a full suite of Layer 2 and Layer 3 switching capabilities, EX4300 switches offer 24 or 48-port 10/100/1000BASE-T configurations with redundant, hot-swappable internal power supplies and field-replaceable fans to ensure maximum uptime. In addition, Power over Ethernet (PoE)-enabled EX4300 switch models offer standards-based 802.3at PoE+." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2809", "Certificate Number": "2809", "Vendor Name": "Gemalto", "Module Name": "Protiva™ PIV v1.55 on TOP DL v2", "Module Type": "Hardware", "Validation Date": "12/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2809.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2809", "detail_available": true, "module_name": "Protiva™ PIV v1.55 on TOP DL v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module TOP DL v2 validated to FIPS 140-2 under Cert. #1450 operating in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1690.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory and the Protiva PIV Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2808", "Certificate Number": "2808", "Vendor Name": "LG Electronics, Inc.", "Module Name": "LG OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2808.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2808", "detail_available": true, "module_name": "LG OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LG OpenSSL Cryptographic Module is a software library that provides cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2807", "Certificate Number": "2807", "Vendor Name": "Toshiba Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (THNSB8 model)", "Module Type": "Hardware", "Validation Date": "12/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2807.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2807", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (THNSB8 model)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2806", "Certificate Number": "2806", "Vendor Name": "KACST / Parsec", "Module Name": "HSID5000A", "Module Type": "Hardware", "Validation Date": "12/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2806.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2806", "detail_available": true, "module_name": "HSID5000A", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HSID5000A is a portable USB device that provides high security cryptographic functionality with secure storage for any personal computer. These cryptographic functions and storage allow the HSID5000A to be used in PKI environments with third party applications to securely login to domains, sign and verify emails and encrypt and decrypt files. The module supports a single user with access to the cryptographic functions and a cryptographic officer to enforce policy on the user. The module provides software interfaces as defined by the PKCS#11 standard and Microsoft CSP/KSP.", "algorithms": [ "DES", "DSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2805", "Certificate Number": "2805", "Vendor Name": "ICU Medical, Inc.", "Module Name": "ICU Medical CE3.0 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "12/13/201607/23/202004/14/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2805.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2805", "detail_available": true, "module_name": "ICU Medical CE3.0 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "ICU Medical CE3.0 OpenSSL Cryptographic Module 2.0.9 is used within various ICU Medical Infusion Pumps for providing secure communication between Infusion pumps and external server.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2804", "Certificate Number": "2804", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Java", "Module Type": "Software", "Validation Date": "12/08/201603/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2804.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2804", "detail_available": true, "module_name": "CryptoComply for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Java is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2803", "Certificate Number": "2803", "Vendor Name": "Acronis International GmbH", "Module Name": "Acronis AnyData Cryptographic Library", "Module Type": "Software", "Validation Date": "12/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2803.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2803", "detail_available": true, "module_name": "Acronis AnyData Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Acronis AnyData Cryptographic Library (AACL) is a cryptographic software module used in various Acronis products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2802", "Certificate Number": "2802", "Vendor Name": "Palo Alto Networks", "Module Name": "WildFire WF-500", "Module Type": "Hardware", "Validation Date": "12/05/201602/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2802.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2802", "detail_available": true, "module_name": "WildFire WF-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WildFire WF-500 identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2801", "Certificate Number": "2801", "Vendor Name": "Gemalto", "Module Name": "Protiva™ PIV v2.0 using TOP DL v2 and TOP IL v2", "Module Type": "Hardware", "Validation Date": "11/30/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2801.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2801", "detail_available": true, "module_name": "Protiva™ PIV v2.0 using TOP DL v2 and TOP IL v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module TOP DL v2 or TOP IL v2 validated to FIPS 140-2 under Cert. #1450 operating in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1843.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory and the Protiva PIV Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2800", "Certificate Number": "2800", "Vendor Name": "Palo Alto Networks", "Module Name": "Palo Alto Networks VM-Series", "Module Type": "Software", "Validation Date": "11/30/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2800.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2800", "detail_available": true, "module_name": "Palo Alto Networks VM-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security and advanced threat prevention features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2799", "Certificate Number": "2799", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "Module Type": "Hardware", "Validation Date": "11/28/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2799.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2799", "detail_available": true, "module_name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2798", "Certificate Number": "2798", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module v4.0 with CPACF", "Module Type": "Software-Hybrid", "Validation Date": "11/23/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2798.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2798", "detail_available": true, "module_name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module v4.0 with CPACF", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Red Hat Enterprise Linux NSS Cryptographic Module v4.0 validated to FIPS 140-2 under Cert. #2711 operating in FIPS mode and Red Hat Enterprise Linux Libreswan Cryptographic Module v4.0 validated to FIPS 140-2 under Cert. #2721 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 7.1 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2797", "Certificate Number": "2797", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-3060 and PA-7080 Firewalls", "Module Type": "Hardware", "Validation Date": "11/22/201601/19/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2797.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2797", "detail_available": true, "module_name": "PA-3060 and PA-7080 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-3060 and PA-7080 firewalls provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications, instead of the traditional \"all-or-nothing\" approach offered by traditional port-blocking firewalls used in many security infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2795", "Certificate Number": "2795", "Vendor Name": "STMicroelectronics", "Module Name": "Trusted Platform Module ST33TPHF2ESPI", "Module Type": "Hardware", "Validation Date": "11/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2795.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2795", "detail_available": true, "module_name": "Trusted Platform Module ST33TPHF2ESPI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2794", "Certificate Number": "2794", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN Series Ethernet Encryptors", "Module Type": "Hardware", "Validation Date": "11/15/201606/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2794.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2794", "detail_available": true, "module_name": "CN Series Ethernet Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN4010, CN4020 and CN6010 are high-speed hardware encryption modules that secure data over twisted-pair Ethernet and optical networks. The modules support data rates to 1Gb/s and 100Mb/s and 10Mb/s modes. The CN6010 is also equipped with pluggable SFPs to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CFB and CTR algorithms and GCM for applications that demand authentication. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2793", "Certificate Number": "2793", "Vendor Name": "Ultra Electronics AEP", "Module Name": "Advanced Configurable Cryptographic Environment (ACCE) v3 HSM Crypto Module", "Module Type": "Hardware", "Validation Date": "11/15/201601/30/201707/11/201707/20/201802/28/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2793.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2793", "detail_available": true, "module_name": "Advanced Configurable Cryptographic Environment (ACCE) v3 HSM Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy in Appendices A and C", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Advanced Configurable Cryptographic Environment (ACCE) v3 crypto module offers the next-generation security platform for managing cryptographic keys and protecting sensitive applications. It is used in the Keyper Plus hardware security module (HSM), which is designed for mission-critical applications that demand maximum security. It is ideally suited for companies that need secure key management for PKI certification authorities, registration authorities, OCSP responders, smart card issuers, web servers, DNSSEC and other applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2792", "Certificate Number": "2792", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FNA (Bouncy Castle FIPS .NET API)", "Module Type": "Software", "Validation Date": "11/14/201604/19/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2792.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2792", "detail_available": true, "module_name": "BC-FNA (Bouncy Castle FIPS .NET API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well.", "algorithms": [ "AES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2791", "Certificate Number": "2791", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet) and ID Quantique SA", "Module Name": "CN8000 Multi-slot Encryptor", "Module Type": "Hardware", "Validation Date": "11/14/201606/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2791.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2791", "detail_available": true, "module_name": "CN8000 Multi-slot Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN8000 is a high-speed multi-slot hardware encryption platform that secures data over Ethernet and Fibre Channel networks. The CN8000 supports up to 10 high speed encryption slots. Each slot can be configured by the user to support 1-10Gb/s Ethernet or 1-4Gb/s Fibre Channel. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2790", "Certificate Number": "2790", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5140B Chassis with FortiGate-5001D Blade", "Module Type": "Hardware", "Validation Date": "11/08/201609/26/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2790.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2790", "detail_available": true, "module_name": "FortiGate-5140B Chassis with FortiGate-5001D Blade", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2789", "Certificate Number": "2789", "Vendor Name": "Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "11/08/201606/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2789.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2789", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet and Fibre Channel networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 Ethernet and FC selectable model, operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2787", "Certificate Number": "2787", "Vendor Name": "Palo Alto Networks", "Module Name": "Panorama M-100 and M-500", "Module Type": "Hardware", "Validation Date": "11/07/201611/14/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2787.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2787", "detail_available": true, "module_name": "Panorama M-100 and M-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Panorama on the M-100 and M-500 provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network. The M-500 provides an additional service, the PAN-DB private cloud, which is an on-premise solution suitable for organizations that prohibit or restrict the use of the PAN-DB public cloud service." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2786", "Certificate Number": "2786", "Vendor Name": "Nokia Corporation", "Module Name": "SR-OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "11/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2786.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2786", "detail_available": true, "module_name": "SR-OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The SR-OS Cryptographic Module (SRCM) provides the cryptographic algorithm functions needed to allow SR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2785", "Certificate Number": "2785", "Vendor Name": "Gemalto", "Module Name": "Protiva PIV Applet v1.55 on Protiva TOP DM Card", "Module Type": "Hardware", "Validation Date": "11/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2785.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2785", "detail_available": true, "module_name": "Protiva PIV Applet v1.55 on Protiva TOP DM Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #691.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "This module is based on a Java platform (GemCombiXpresso R4 E72 PK ) with 72K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. The module has on board the following FIPS approved security functions used specifically by the SafesITe FIPS201 applet :P-RNG, Triple DES, SHA-1, RSA algorithms up to 2048 bits key length, and X9.31 RSA On Board Key generation up to 2048 bits long. The module conforms to Java Card 2.1.1, Global Platform 2.1.1, N" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2784", "Certificate Number": "2784", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-30D/60D/92D, FortiWiFi-60D and FortiGateRugged-60D", "Module Type": "Hardware", "Validation Date": "10/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2784.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2784", "detail_available": true, "module_name": "FortiGate-30D/60D/92D, FortiWiFi-60D and FortiGateRugged-60D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2783", "Certificate Number": "2783", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1000D/1500D", "Module Type": "Hardware", "Validation Date": "10/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2783.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2783", "detail_available": true, "module_name": "FortiGate-1000D/1500D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2782", "Certificate Number": "2782", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3700D/3815D", "Module Type": "Hardware", "Validation Date": "10/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2782.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2782", "detail_available": true, "module_name": "FortiGate-3700D/3815D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2781", "Certificate Number": "2781", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-100D/200D/300D/500D", "Module Type": "Hardware", "Validation Date": "10/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2781.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2781", "detail_available": true, "module_name": "FortiGate-100D/200D/300D/500D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2780", "Certificate Number": "2780", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "10/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2780.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2780", "detail_available": true, "module_name": "Red Hat Enterprise Linux GnuTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "GnuTLS is a secure communications library implementing the SSH, TLS, and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PCKS#12, and other required structures which is shipped with Red Hat Enterprise Linux 7.1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2779", "Certificate Number": "2779", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign Signature Appliance", "Module Type": "Hardware", "Validation Date": "10/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2779.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2779", "detail_available": true, "module_name": "DocuSign Signature Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2778", "Certificate Number": "2778", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "10/24/201610/08/201911/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2778.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2778", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2777", "Certificate Number": "2777", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Cryptographic Java Module", "Module Type": "Software", "Validation Date": "10/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2777.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2777", "detail_available": true, "module_name": "BlackBerry Cryptographic Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Java Module is a software module that provides cryptographic services to BlackBerry products such as the BlackBerry PlayBook Administration Service, and other BlackBerry products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2776", "Certificate Number": "2776", "Vendor Name": "Fuji Xerox Co., Ltd.", "Module Name": "FX Cryptographic Kernel Module", "Module Type": "Software", "Validation Date": "10/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2776.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2776", "detail_available": true, "module_name": "FX Cryptographic Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FX Cryptographic Kernel Module is a kernel module which operates as callback functions of WindRiver® Linux CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2775", "Certificate Number": "2775", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Cloud Services Router 1000 Virtual", "Module Type": "Software", "Validation Date": "10/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2775.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2775", "detail_available": true, "module_name": "Cisco Cloud Services Router 1000 Virtual", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco® Cloud Services Router 1000V (CSR 1000V) is a virtual form-factor router that delivers comprehensive WAN gateway and network services functions into virtual and cloud environments. Using familiar, industry-leading Cisco IOS® XE Software networking capabilities, the CSR 1000V enables enterprises to transparently extend their WANs into provider-hosted clouds", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2774", "Certificate Number": "2774", "Vendor Name": "Gemalto and ActivIdentity Inc.", "Module Name": "SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "Module Type": "Hardware", "Validation Date": "10/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2774.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2774", "detail_available": true, "module_name": "SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1085.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "This module is based on a Gemalto Dual Interface (Contact ISO7816 and Contactless ISO14443) Open OS Smart Card with a large (128K EEPROM) memory, with a cryptographic applet suite V 2.6.2b developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container, PKI, One Time password and Secure Messaging (SMA). The module conforms to Java Card 2.2.1, Global Platform 2.1.1 and GSC/IS 2" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2773", "Certificate Number": "2773", "Vendor Name": "Gemalto", "Module Name": "Protiva PIV Applet v1.55 on Protiva TOP DL Card", "Module Type": "Hardware", "Validation Date": "10/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2773.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2773", "detail_available": true, "module_name": "Protiva PIV Applet v1.55 on Protiva TOP DL Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1044.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "This module is based on a Java platform (GemCombiXpresso R4) with 144K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. Module Ref# A1005963 - Card Ref# M1002255." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2772", "Certificate Number": "2772", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta microSDHC™", "Module Type": "Hardware", "Validation Date": "10/18/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2772.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2772", "detail_available": true, "module_name": "Rosetta microSDHC™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Rosetta microSDHC™ is a hardware encryption engine available in a microSD embodiment supporting Suite B functionality that is ideal for embedded, Internet of Things, and secure flash storage applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2771", "Certificate Number": "2771", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 4506-E with Supervisor Card (WS-X45-SUP8-E) and Line Cards (WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "Module Type": "Hardware", "Validation Date": "10/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2771.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2771", "detail_available": true, "module_name": "Cisco Catalyst 4506-E with Supervisor Card (WS-X45-SUP8-E) and Line Cards (WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Catalyst 4500 Series switches are Cisco`s leading modular switches for borderless access and price/performance distribution deployments. They offer best-in-class investment protection with forward and backward compatibility and deep application visibility with Flexible NetFlow. The Catalyst 4500 series switch meets FIPS 140-2 overall Level 1 requirements as multi-chip standalone module. The switch includes cryptographic algorithms implemented in IOS-XE software as well as hardware ASICs. The module provides 802.1X-rev.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2770", "Certificate Number": "2770", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade VDX 6740, VDX 6740T, VDX 6940 and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "10/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2770.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2770", "detail_available": true, "module_name": "Brocade VDX 6740, VDX 6740T, VDX 6940 and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed and with the configurations in Tables 2, 3, 4 and 5 as defined in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade VDX 6740 and VDX 6740T are fixed form factor VCS enabled 10 GbE / 40 GbE fabric switch for Top of the Rack (TOR) fabric deployments. The Brocade VDX 6940 switches are fixed form factor VCS enabled 10 GbE / 40 GbE fabric switch for high density 10GbE switch for the TOR or Middle of the Row (MOR) or for End of the Row (EOR) configurations. The Brocade VDX 8770 Switch is designed to scale out Brocade VCS Fabrics (VCS) and support complex environments with dense virtualization and dynamic automation requirements.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2769", "Certificate Number": "2769", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type C", "Module Type": "Hardware", "Validation Date": "10/13/201610/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2769.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2769", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2768", "Certificate Number": "2768", "Vendor Name": "Legion of the Bouncy Castle Inc.", "Module Name": "BC-FJA (Bouncy Castle FIPS Java API)", "Module Type": "Software", "Validation Date": "10/12/201603/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2768.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2768", "detail_available": true, "module_name": "BC-FJA (Bouncy Castle FIPS Java API)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "KAS", "KDF", "KTS", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2767", "Certificate Number": "2767", "Vendor Name": "Kaspersky Lab UK Ltd.", "Module Name": "Kaspersky Cryptographic Module (Kernel Mode)", "Module Type": "Software", "Validation Date": "10/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2767.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2767", "detail_available": true, "module_name": "Kaspersky Cryptographic Module (Kernel Mode)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kaspersky Cryptographic Module (Kernel Mode) is a Windows kernel driver that provides cryptographic services for various Kaspersky Lab applications.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2766", "Certificate Number": "2766", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "Module Type": "Hardware", "Validation Date": "10/11/201603/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2766.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2766", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series, is a FIPS 140-2 Level 2 SSD (Solid State Drive), supporting TCG Enterprise SSC based SED (Self-Encrypting Drive) features, designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES HW engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2765", "Certificate Number": "2765", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 5.2", "Module Type": "Firmware", "Validation Date": "10/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2765.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2765", "detail_available": true, "module_name": "FortiOS 5.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2764", "Certificate Number": "2764", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield Remote Administration Token", "Module Type": "Hardware", "Validation Date": "10/06/201601/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2764.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2764", "detail_available": true, "module_name": "nShield Remote Administration Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The nShield Remote Administration Token is a single chip smart card micro-controller implementing the Global Platform operational environment, with Card Manager and the Authentication Token Applet. It implements the Remote Administration Card which enables the remote administration of Thales nShield Hardware Security Modules.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2763", "Certificate Number": "2763", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 2 Release 1 ICSF PKCS #11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "10/06/201602/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2763.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2763", "detail_available": true, "module_name": "IBM® z/OS® Version 2 Release 1 ICSF PKCS #11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module IBM(R) z/OS(R) Version 2 Release 1 Security Server RACF(R) Signature Verification Module version 1.0 validated to FIPS 140-2 under Cert. #2691 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2762", "Certificate Number": "2762", "Vendor Name": "VT iDirect, Inc.", "Module Name": "Evolution e8350-FIPSL2 Satellite Router Board [1], iConnex e800-FIPSL2 Satellite Router Board [2], iConnex e850MP-FIPSL2 Satellite Router Board [3], Evolution eM1D1-FIPSL2 Line Card [4], and Evolution eM0DM-FIPSL2 Line Card [5]", "Module Type": "Hardware", "Validation Date": "10/03/201606/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2762.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2762", "detail_available": true, "module_name": "Evolution e8350-FIPSL2 Satellite Router Board [1], iConnex e800-FIPSL2 Satellite Router Board [2], iConnex e850MP-FIPSL2 Satellite Router Board [3], Evolution eM1D1-FIPSL2 Line Card [4], and Evolution eM0DM-FIPSL2 Line Card [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "iDirect's AES-based bidirectional TRANSEC, combined with other system features such as cutting-edge coding techniques, acceleration and compression provides a fully integrated IP networking solution where security, performance and bandwidth efficiency are critical.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2761", "Certificate Number": "2761", "Vendor Name": "Ionic Security Inc.", "Module Name": "FIPS Crypto Module", "Module Type": "Software", "Validation Date": "09/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2761.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2761", "detail_available": true, "module_name": "FIPS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 3 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Ionic Security’s Fusion Platform implements the FIPS Crypto Module for all cryptographic functions such as key pair generation, digital signature generation/ and verification, encryption and decryption, hashing functions, and message authentication.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2760", "Certificate Number": "2760", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HPE XP7 Encryption Ready Disk Adapter (eDKA)", "Module Type": "Hardware", "Validation Date": "09/27/201608/01/201710/06/201710/01/201906/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2760.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2760", "detail_available": true, "module_name": "HPE XP7 Encryption Ready Disk Adapter (eDKA)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 8.1 and 8.2 of the Security Policy. The tamper evident seals installed as indicated in Section 1.1 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HPE XP7 Encryption Ready Disk Adapter (eDKA) provides high speed data at rest encryption for HPE storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2759", "Certificate Number": "2759", "Vendor Name": "Utimaco IS GmbH", "Module Name": "CryptoServer CSe", "Module Type": "Hardware", "Validation Date": "09/26/201610/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2759.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2759", "detail_available": true, "module_name": "CryptoServer CSe", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CryptoServer CSe is an encapsulated, tamper-protected hardware security module which provides secure cryptographic services like encryption or decryption, hashing, signing and verification of data, random number generation, on-board secure key generation, key storage and further key management functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2758", "Certificate Number": "2758", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiKey PKI Token", "Module Type": "Hardware", "Validation Date": "09/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2758.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2758", "detail_available": true, "module_name": "HiKey PKI Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "With tamper evident seals as indicated in the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HiKey token modules are multi-chip standalone implementations of a cryptographic module. The Hikey token modules are USB tokens that adhere to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2757", "Certificate Number": "2757", "Vendor Name": "Dell EMC", "Module Name": "EMC Data Domain Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "09/26/201612/10/201910/02/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2757.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2757", "detail_available": true, "module_name": "EMC Data Domain Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Data encryption module used for encrypting and decrypting all stored user data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2756", "Certificate Number": "2756", "Vendor Name": "iboss, Inc.", "Module Name": "FireSphere 7960", "Module Type": "Hardware", "Validation Date": "09/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2756.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2756", "detail_available": true, "module_name": "FireSphere 7960", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The iboss FireSphere 14600 and 7960 are part of the iboss Secure Web Gateway Platform, which protects enterprise organizations against today’s evasive and complex threats including unknown malware, zero-day attacks and advanced persistent threats (APTS). iboss technology delivers post-infection defense with Network Anomaly Detection and Automatic Infection Containment to reduce data loss, and provides comprehensive reporting via the Incident Response Center, which correlates threat information from threat feeds and millions of endpoints to deliver actionable intelligence in real time." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2755", "Certificate Number": "2755", "Vendor Name": "iboss, Inc.", "Module Name": "FireSphere 14600", "Module Type": "Hardware", "Validation Date": "09/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2755.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2755", "detail_available": true, "module_name": "FireSphere 14600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The iboss FireSphere 14600 and 7960 are part of the iboss Secure Web Gateway Platform, which protects enterprise organizations against today’s evasive and complex threats including unknown malware, zero-day attacks and advanced persistent threats (APTS). iboss technology delivers post-infection defense with Network Anomaly Detection and Automatic Infection Containment to reduce data loss, and provides comprehensive reporting via the Incident Response Center, which correlates threat information from threat feeds and millions of endpoints to deliver actionable intelligence in real time." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2754", "Certificate Number": "2754", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "09/22/201611/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2754.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2754", "detail_available": true, "module_name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocol TLS KDF shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Christie IMB-S2 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a 2K or 4K DLP Series-II digital cinema projector. The IMB-S2 utilizes an integrated SMS and permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2753", "Certificate Number": "2753", "Vendor Name": "DataLocker Inc.", "Module Name": "Sentry 3 FIPS Series USB Flash Drive", "Module Type": "Hardware", "Validation Date": "09/21/201612/01/201608/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2753.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2753", "detail_available": true, "module_name": "Sentry 3 FIPS Series USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Sentry 3 FIPS is a Secure USB 3.0 flash drive with 256-bit AES hardware encryption and PKI operations combined with strong, built-in password protection capabilities to help control user access to sensitive data and critical applications. The Sentry 3 FIPS allows enterprise class device management features like policy updates, password recovery and remote kill features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2752", "Certificate Number": "2752", "Vendor Name": "Cambium Networks, Ltd.", "Module Name": "PTP 820C, PTP 820S, PTP 820N, PTP 820A, PTP 820G and PTP 820GX.", "Module Type": "Hardware", "Validation Date": "09/21/201610/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2752.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2752", "detail_available": true, "module_name": "PTP 820C, PTP 820S, PTP 820N, PTP 820A, PTP 820G and PTP 820GX.", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "PTP 820 is a Point-to-Point wireless broadband solution for mission-critical communications in government, industrial and public safety spaces. Integrated with leading networking functionality with the industry most advanced microwave technologies, the platform creates a superior transport solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2751", "Certificate Number": "2751", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL NSA Series 2600, 3600, 4600, 5600", "Module Type": "Hardware", "Validation Date": "09/19/201606/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2751.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2751", "detail_available": true, "module_name": "SonicWALL NSA Series 2600, 3600, 4600, 5600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocols SSH and SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Enterprise-class security and performance made afordable for small- to medium-sized business. The NSA Series offers industry leading next-generation firewall protection, performance, and scalability. A suite of tools, including intrusion prevention, gateway anti-virus, and anti-spyware plus application intelligence and control, offer granular control through application blocking, bandwidth management and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2750", "Certificate Number": "2750", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA 6600", "Module Type": "Hardware", "Validation Date": "09/19/201606/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2750.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2750", "detail_available": true, "module_name": "SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA 6600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocols SSH and SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SonicWALL™ SuperMassive™ 9000 Series Next-Generation Firewall (NGFW) is designed to deliver deep security to your enterprise at multi-gigbit speeds. Offering the ultimate in security with enterprise class performance, the SuperMassive 9000 Series detects and blocks the most sophisticated threats before they can enter your network with minimal latency for every connection on the network. Its multicore design can gracefully handle traffic spikes without impacting network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2749", "Certificate Number": "2749", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL TZ Series TZ 300, TZ 300W, TZ 400, TZ 400W, TZ 500, TZ 500W and TZ 600", "Module Type": "Hardware", "Validation Date": "09/19/201606/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2749.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2749", "detail_available": true, "module_name": "SonicWALL TZ Series TZ 300, TZ 300W, TZ 400, TZ 400W, TZ 500, TZ 500W and TZ 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocols SSH and SNMP shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Deliver full-featured security that combines intrusion prevention, gateway anti-virus, anti-spyware, content filtering and anti-spam services, with intuitive, easy-to-use SonicWall TZ Series firewalls." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2748", "Certificate Number": "2748", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 4506-E with Supervisor Cards (WS-X45-SUP7-E and WS-X45-Sup7L-E) and Line Cards (WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "Module Type": "Hardware", "Validation Date": "09/16/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2748.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2748", "detail_available": true, "module_name": "Cisco Catalyst 4506-E with Supervisor Cards (WS-X45-SUP7-E and WS-X45-Sup7L-E) and Line Cards (WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Catalyst 4500 Series switches are Cisco`s leading modular switches for borderless access and price/performance distribution deployments. They offer best-in-class investment protection with forward and backward compatibility and deep application visibility with Flexible NetFlow. The Catalyst 4500 series switch meets FIPS 140-2 overall Level 1 requirements as multi-chip standalone module. The switch includes cryptographic algorithms implemented in IOS-XE software as well as hardware ASICs. The module provides 802.1X-rev.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2747", "Certificate Number": "2747", "Vendor Name": "Gemalto", "Module Name": "IDPrime MD 830-revB", "Module Type": "Hardware", "Validation Date": "09/16/201604/03/201808/02/201805/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2747.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2747", "detail_available": true, "module_name": "IDPrime MD 830-revB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDPrime MD 830-revB is a Minidriver enabled PKI smartcards, working seamlessly with any Microsoft® environment (without any additional middleware), and offering all the necessary services (with either RSA or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2746", "Certificate Number": "2746", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung BoringSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "09/16/201609/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2746.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2746", "detail_available": true, "module_name": "Samsung BoringSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2745", "Certificate Number": "2745", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1532e/i, 1552e/i, 1572, 1602e/i, 1702, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p and 3702e/i/p Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "09/15/201603/09/201703/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2745.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2745", "detail_available": true, "module_name": "Cisco Aironet 1532e/i, 1552e/i, 1572, 1602e/i, 1702, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p and 3702e/i/p Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy. This validation entry is a non-security relevant modification to Cert. #2421", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2744", "Certificate Number": "2744", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SCrypto", "Module Type": "Software", "Validation Date": "09/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2744.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2744", "detail_available": true, "module_name": "Samsung SCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SCrypto is secure library which is used to provide a standardized common cryptographic API to trusted applications for the secure world/TEE environment.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2743", "Certificate Number": "2743", "Vendor Name": "Chunghwa Telecom Co., Ltd. and Oberthur Technologies", "Module Name": "HiCOS PKI Applet and Taiwan eID Applet on Oberthur Technologies ID-One Cosmo V8", "Module Type": "Hardware", "Validation Date": "09/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2743.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2743", "detail_available": true, "module_name": "HiCOS PKI Applet and Taiwan eID Applet on Oberthur Technologies ID-One Cosmo V8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The HiCOS PKI Applet is a Javacard applet that provides security for stored user data and credentials and an easy to use interface to PKI services. Taiwan eID Applet is a Javacard applet that stores personal information related to the card holder and supports the authentication mechanisms described in ICAO and EAC specifications with a fully configurable access control management over the Data Groups (DG).", "algorithms": [ "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2742", "Certificate Number": "2742", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module v4.0", "Module Type": "Software", "Validation Date": "09/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2742.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2742", "detail_available": true, "module_name": "Red Hat Enterprise Linux Kernel Crypto API Cryptographic Module v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Red Hat Enterprise Linux NSS Cryptographic Module v4.0 validated to FIPS 140-2 under Cert. #2711 operating in FIPS mode and Red Hat Enterprise Linux Libreswan Cryptographic Module v4.0 validated to FIPS 140-2 under Cert. #2721 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 7.1 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2741", "Certificate Number": "2741", "Vendor Name": "IBM Security", "Module Name": "IBM Security Modular Extensible Security Architecture", "Module Type": "Software", "Validation Date": "09/08/201612/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2741.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2741", "detail_available": true, "module_name": "IBM Security Modular Extensible Security Architecture", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "IBM MESA (Modular Extensible Security Architecture) is an appliance framework hosting applications in a secure environment and providing all cryptographic or other security-relevant functions to the application. For example: IBM XGS-virtual is a specific application instance hosted in this fashion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2740", "Certificate Number": "2740", "Vendor Name": "Rajant Corporation", "Module Name": "Rajant BreadCrumb ME4-2409", "Module Type": "Hardware", "Validation Date": "09/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2740.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2740", "detail_available": true, "module_name": "Rajant BreadCrumb ME4-2409", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile as carried by a vehicle or an individual. BreadCrumb devices automatically detect other BreadCrumb devices and dynamically route packets through the resulting wireless mesh on behalf of commercially available off-the-shelf client devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2739", "Certificate Number": "2739", "Vendor Name": "Rajant Corporation", "Module Name": "Rajant BreadCrumb LX4-2495 and LX4-2954", "Module Type": "Hardware", "Validation Date": "09/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2739.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2739", "detail_available": true, "module_name": "Rajant BreadCrumb LX4-2495 and LX4-2954", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile as carried by a vehicle or an individual. BreadCrumb devices automatically detect other BreadCrumb devices and dynamically route packets through the resulting wireless mesh on behalf of commercially available off-the-shelf client devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2738", "Certificate Number": "2738", "Vendor Name": "APCON, Inc.", "Module Name": "ACI-3002-S Controller", "Module Type": "Hardware", "Validation Date": "09/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2738.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2738", "detail_available": true, "module_name": "ACI-3002-S Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The ACI-3002-S is a Linux based control module designed to manage and control APCON's XR series product family while operating in FIPS-140-2 compliant mode.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2737", "Certificate Number": "2737", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Security QRadar® SIEM", "Module Type": "Hardware", "Validation Date": "09/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2737.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2737", "detail_available": true, "module_name": "IBM® Security QRadar® SIEM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The tamper evident seals and baffles installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "IBM® Security QRadar® FIPS Appliance consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. The IBM Security QRadar FIPS Appliance provides a secure platform that meets FIPS 140-2 Level 2 requirements while allowing organizations to meet current and emerging compliance mandates.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2736", "Certificate Number": "2736", "Vendor Name": "Tanium, Inc.", "Module Name": "Tanium Cryptographic Module", "Module Type": "Software", "Validation Date": "09/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2736.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2736", "detail_available": true, "module_name": "Tanium Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. When operating with the BCRYPTPRIMITIVES.DLL module validated to FIPS 140-2 under Certificates #1329, #1336, and #1892 operating in FIPS Mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Tanium Cryptographic Module underpins Tanium's security management platform. Tanium's platform is a security and configuration management solution that provides instant visibility and allows enterprises to collect data and update machines in any-sized network, in seconds. Tanium's platform is able to query information from hundreds of thousands of machines in seconds because of its intelligent peer-to-peer communication model. This speed means that information is current and accurate when assessing a security threat or vulnerability.", "algorithms": [ "AES", "DRBG", "ECDSA", "HMAC", "KDF", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2735", "Certificate Number": "2735", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Data Security Manager Virtual Appliance Module", "Module Type": "Software", "Validation Date": "09/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2735.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2735", "detail_available": true, "module_name": "Vormetric Data Security Manager Virtual Appliance Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The protocol SSH shall not be used when operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Vormetric Data Security Virtual Appliance Module is a multi-chip standalone cryptographic module. The Vormetric Data Security Virtual Appliance Module is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Transparent Encryption Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2734", "Certificate Number": "2734", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks LN1000 Mobile Secure Router", "Module Type": "Hardware", "Validation Date": "09/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2734.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2734", "detail_available": true, "module_name": "Juniper Networks LN1000 Mobile Secure Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Juniper Networks LN1000 Mobile Secure Router is a secure router that provides essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. The LN1000 provides high-performance network routing, next-generation firewall and intrusion prevention system (IPS) capabilities, and unified threat management in a standard VPX form factor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2733", "Certificate Number": "2733", "Vendor Name": "Cavium Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "09/01/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2733.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2733", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2732", "Certificate Number": "2732", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® He¹º and Ultrastar® DC HC510 TCG Enterprise HDD", "Module Type": "Hardware", "Validation Date": "09/01/201609/07/201611/17/201612/09/201602/14/201702/22/201706/02/201710/04/201710/13/201704/19/201807/27/201812/06/201812/11/201802/19/201904/30/201907/26/201904/22/202011/24/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2732.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2732", "detail_available": true, "module_name": "Ultrastar® He¹º and Ultrastar® DC HC510 TCG Enterprise HDD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Self-encrypting Ultrastar® He¹º and Ultrastar® DC HC510 TCG Enterprise HDDs, from Western Digital, meet or exceed the most demanding performance and security requirements. They incorporate third-generation HelioSeal® technology, use PMR technology and are the industry's first 10TB drive that is drop-in ready for any enterprise-capacity application or environment. Targeted at 2.5M hours MTBF, the Ultrastar He¹º and Ultrastar DC HC510 provide the highest reliability rating available of all HDDs on the market today. They build on the design success of their 8TB and 6TB predecessors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2731", "Certificate Number": "2731", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey D300 Series USB Flash Drive", "Module Type": "Hardware", "Validation Date": "08/31/201602/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2731.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2731", "detail_available": true, "module_name": "IronKey D300 Series USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Kingston's IronKey D300 Series USB Flash Drive is assembled in the US for organizations that require a secure way to store and transfer portable data. The stored data is secured by hardware-based AES-256 encryption to guard sensitive information in case the drive is lost or stolen." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2730", "Certificate Number": "2730", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways", "Module Type": "Hardware", "Validation Date": "08/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2730.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2730", "detail_available": true, "module_name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2729", "Certificate Number": "2729", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® FCX 624/648, ICX 6450, ICX 7750, ICX 7250 and SX 800/1600 Series", "Module Type": "Hardware", "Validation Date": "08/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2729.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2729", "detail_available": true, "module_name": "Brocade® FCX 624/648, ICX 6450, ICX 7750, ICX 7250 and SX 800/1600 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed and with the configurations in Tables 4, 5, 13 and 14 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FastIron SX series chassis devices are modular switches that provide the enterprise network with a complete end-to-end Enterprise LAN solution. The ICX series is an access layer Gigabit Ethernet switch designed from the ground up for the enterprise data center environment. Brocade ICX 6450 switches provide stackable LAN switching solutions to meet the growing demands of campus networks, and the Brocade ICX 7750 is a 10/40 GbE Ethernet switch. The Brocade ICX7250 Switch delivers the performance and scalability required for enterprise Gigabit Ethernet (GbE) access deployments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2728", "Certificate Number": "2728", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Linux Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "08/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2728.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2728", "detail_available": true, "module_name": "BlackBerry Linux Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Appendix C", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BlackBerry Linux Kernel Cryptographic Module is a software-only external Linux Kernel module that provides general-purpose cryptographic services to the remainder of the kernel. The BlackBerry Linux Kernel Cryptographic Module expands the secure capabilities and features BlackBerry is known for, to devices running operating systems other than the BlackBerry OS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2727", "Certificate Number": "2727", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Adapter", "Module Type": "Hardware", "Validation Date": "08/29/201610/04/201603/13/201708/01/201710/06/201703/21/201903/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2727.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2727", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Adapter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 8.1 and 8.2 of the Security Policy. The tamper evident seals installed as indicated in Section 1.1 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Adapter provides high speed data at rest encryption for Hitachi storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2726", "Certificate Number": "2726", "Vendor Name": "Sony Mobile Communications, Inc.", "Module Name": "Xperia Cryptographic Module", "Module Type": "Software", "Validation Date": "08/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2726.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2726", "detail_available": true, "module_name": "Xperia Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Xperia Cryptographic Module provides a functionality/service, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2725", "Certificate Number": "2725", "Vendor Name": "Digital Arts America, Inc.", "Module Name": "FinalCode FIPS Crypto Module", "Module Type": "Software", "Validation Date": "08/29/201604/08/202005/15/202002/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2725.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2725", "detail_available": true, "module_name": "FinalCode FIPS Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "FinalCode FIPS Crypto Module is a standards-based cryptographic engine for FinalCode that delivers cryptographic functions within and between FinalCode components for secure key management, file data at rest encryption, authentication and secure communications as part of our file IRM platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2724", "Certificate Number": "2724", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3560-CX Switch", "Module Type": "Hardware", "Validation Date": "08/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2724.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2724", "detail_available": true, "module_name": "Cisco Catalyst 3560-CX Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Catalyst Switches provide enterprise-class access for campus and branch applications. Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure and energy-efficient business operations with intelligent services and a range of advanced Cisco IOS Software features. The Catalyst Switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2723", "Certificate Number": "2723", "Vendor Name": "Gemalto", "Module Name": "IDCore 30-revB", "Module Type": "Hardware", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2723.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2723", "detail_available": true, "module_name": "IDCore 30-revB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode with module IDPrime MD 830-revB validated to FIPS 140-2 under Cert. #2714 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDCore 30-revB is a highly secured smartcard platform compliant with Javacard 2.2.2, Global Platform 2.1.1 & 2.2 Amendment D standards, designed to operate with Infineon SLE78 chip family. The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH and SP800-90A RNG algorithms.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2722", "Certificate Number": "2722", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYRUS MDTU-P384 Encryption Module", "Module Type": "Hardware", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2722.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2722", "detail_available": true, "module_name": "SPYRUS MDTU-P384 Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MDTU P-384 module is a Suite B cryptographic storage device featuring XTS-AES 256-bit full disk encryption and P-384 based digital signature services. The device is fully adapted for the storage and protection of sensitive data assets and provides an automated secure data exchange service with external devices by way of a high strength authentication mechanism. The physical security and capabilities of this module make it ideal for secure transfer of essential assets in mission-critical applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2721", "Certificate Number": "2721", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux Libreswan Cryptographic Module v4.0", "Module Type": "Software", "Validation Date": "08/29/201612/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2721.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2721", "detail_available": true, "module_name": "Red Hat Enterprise Linux Libreswan Cryptographic Module v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "With module Red Hat Enterprise Linux NSS Cryptographic Module v4.0 validated to FIPS 140-2 under Cert. #2711 operating in FIPS mode and Red Hat Enterprise Linux 7.1 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Red Hat Enterprise Linux Libreswan Cryptographic Module v4.0 is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2720", "Certificate Number": "2720", "Vendor Name": "Intel Corporation", "Module Name": "Cryptographic Module for Intel® vPro™ Platforms' Security Engine Chipset", "Module Type": "Firmware-Hybrid", "Validation Date": "08/26/201607/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2720.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2720", "detail_available": true, "module_name": "Cryptographic Module for Intel® vPro™ Platforms' Security Engine Chipset", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Module for Intel® vPro™ Platforms' Security Engine Chipset is a hybrid cryptographic module present on recent Intel® vPro™ platforms. The Security Engine Chipset consists of both hardware and firmware that are utilized by the Management Engine (ME) of vProTM platforms. The hardware and firmware combine to perform cryptographic functions within the Intel® vPro™ ME for applications executing in the ME." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2719", "Certificate Number": "2719", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways", "Module Type": "Hardware", "Validation Date": "08/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2719.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2719", "detail_available": true, "module_name": "Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2718", "Certificate Number": "2718", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie F-IMB 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "08/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2718.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2718", "detail_available": true, "module_name": "Christie F-IMB 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Christie F-IMB is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a Christie digital cinema projector with the Fusion architecture. The F-IMB permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2717", "Certificate Number": "2717", "Vendor Name": "Digital Arts America, Inc.", "Module Name": "FinalCode FIPS Crypto Module for Mobile", "Module Type": "Software", "Validation Date": "08/22/201604/09/202005/15/202002/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2717.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2717", "detail_available": true, "module_name": "FinalCode FIPS Crypto Module for Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "FinalCode FIPS Crypto Module for Mobile is a standards-based cryptographic engine for FinalCode that delivers cryptographic functions within and between FinalCode mobile components for secure key management, file data at rest encryption, authentication and secure communications as part of our file IRM platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2716", "Certificate Number": "2716", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar® SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD", "Module Type": "Hardware", "Validation Date": "08/22/201608/25/201609/16/201611/08/201611/09/201703/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2716.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2716", "detail_available": true, "module_name": "HGST Ultrastar® SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Sections 2.1 and 7.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "HGST's self-encrypting Ultrastar SSD800/1600 TCG Enterprise SSDs Drives implement TCG Storage specifications that meet or exceed the most demanding performance and security requirements. The Ultrastar SSD800/1600 family combines enterprise-grade MLC NAND Flash memory and advanced endurance management firmware. The power loss data management techniques extend reliability, endurance, and sustained performance over the life of the SSD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2715", "Certificate Number": "2715", "Vendor Name": "IBM® Corporation", "Module Name": "IBM Java JCE FIPS 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "08/22/201604/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2715.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2715", "detail_available": true, "module_name": "IBM Java JCE FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2714", "Certificate Number": "2714", "Vendor Name": "Gemalto", "Module Name": "IDPrime MD 830-revB", "Module Type": "Hardware", "Validation Date": "08/19/201601/24/201808/02/201805/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2714.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2714", "detail_available": true, "module_name": "IDPrime MD 830-revB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDPrime MD 830-revB is a Minidriver enabled PKI smartcards, working seamlessly with any Microsoft® environment (without any additional middleware), and offering all the necessary services (with either RSA or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2713", "Certificate Number": "2713", "Vendor Name": "INTEGRITY Security Services", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Firmware", "Validation Date": "08/18/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2713.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2713", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 2.4.1 of the Security Policy. No assurance of the minimum strength of generated keys.", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "Green Hills Software/INTEGRITY Security Services (ISS) ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2712", "Certificate Number": "2712", "Vendor Name": "Imprivata", "Module Name": "Imprivata FIPS 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "08/16/201609/17/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2712.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2712", "detail_available": true, "module_name": "Imprivata FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Imprivata delivers best in class solutions that optimize clinical workflow efficiency and enhance care delivery. OneSign® offers single sign-on, authentication management, and virtual desktop roaming enabling fast, secure No Click Access® to clinical applications and patient information, anytime, anywhere and from any device. Cortext® enables clinicians to securely collaborate across care teams and organizations. Confirm ID™ is the comprehensive identity and two-factor authentication platform for remote access, EPCS and medical device access.", "algorithms": [ "AES", "DES", "HMAC", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2711", "Certificate Number": "2711", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux NSS Cryptographic Module v4.0", "Module Type": "Software", "Validation Date": "08/15/201612/19/201601/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2711.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2711", "detail_available": true, "module_name": "Red Hat Enterprise Linux NSS Cryptographic Module v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2710", "Certificate Number": "2710", "Vendor Name": "GDC Technology (USA), LLC", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "08/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2710.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2710", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2709", "Certificate Number": "2709", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type A", "Module Type": "Hardware", "Validation Date": "08/11/201608/26/201609/29/201610/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2709.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2709", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type A", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2708", "Certificate Number": "2708", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2708.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2708", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2707", "Certificate Number": "2707", "Vendor Name": "Toshiba Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type B", "Module Type": "Hardware", "Validation Date": "08/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2707.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2707", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model) Type B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2706", "Certificate Number": "2706", "Vendor Name": "V-Key", "Module Name": "V-Key Cryptographic Module", "Module Type": "Software", "Validation Date": "08/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2706.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2706", "detail_available": true, "module_name": "V-Key Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A software cryptographic module residing within a virtual machine, V-OS that provides a sandboxed operating environment. The Module provides symmetric ciphers, including AES and Triple DES, asymmetric cipher RSA, secure hash functions SHA-1 and SHA-256, message authentication, key derivation and key storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2705", "Certificate Number": "2705", "Vendor Name": "ViaSat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/08/201611/17/201601/30/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2705.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2705", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seal installed as indicated in the Security Policy for the optional ESEM feature", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Enhanced Bandwidth Efficient Modem (EBEM) is the only commercially-available bandwith efficient modem certified to MIL-STD-188-165B and compliant with STANAG 4486 ed. 3. The MD-1366 defines a new military standard in FDMA for high-speed satellite communications. Using military and commercial satellites at X-, C-, Ku-, and Ka-band frequencies, the MD-1366 delivers much-needed capacity for the military's high speed broadband and multimedia transmissions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2704", "Certificate Number": "2704", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3750-X Switch", "Module Type": "Hardware", "Validation Date": "08/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2704.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2704", "detail_available": true, "module_name": "Cisco Catalyst 3750-X Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Cisco Catalyst Switches provide enterprise-class access for campus and branch applications. Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure and energy-efficient business operations with intelligent services and a range of advanced Cisco IOS Software features. The Catalyst Switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703", "Certificate Number": "2703", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2703.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703", "detail_available": true, "module_name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB under Cert. #2604 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Dump Filter (dumpfve.sys) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702", "Certificate Number": "2702", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise", "Module Type": "Software", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2702.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2700 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701", "Certificate Number": "2701", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2701.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2700 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700", "Certificate Number": "2700", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "08/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2700.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2699", "Certificate Number": "2699", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Userland Cryptographic Framework", "Module Type": "Software", "Validation Date": "08/08/201611/03/201602/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2699.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2699", "detail_available": true, "module_name": "Oracle Solaris Userland Cryptographic Framework", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Solaris Userland Cryptographic Framework module provides cryptographic functionality for any application that calls into it. The module provides encryption, decryption, hashing, secure random number generation, signature generation and verification, certificate generation and verification, message authentication functions, and key pair generation for RSA and DSA. The module can leverage the algorithm acceleration from SPARC and x86 processors when available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2698", "Certificate Number": "2698", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Kernel Cryptographic Framework", "Module Type": "Software", "Validation Date": "08/08/201611/03/201602/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2698.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2698", "detail_available": true, "module_name": "Oracle Solaris Kernel Cryptographic Framework", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Oracle Solaris Kernel Cryptographic Framework module provides cryptographic functionality for the kernel module. The module provides encryption, decryption, hashing, signature generation and verification, secure random number generation, and message authentication functions. The module can leverage the algorithm acceleration from SPARC and x86 processors when available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2697", "Certificate Number": "2697", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena 6500 Flex3 WaveLogic 3e OCLD Encryption Module", "Module Type": "Hardware", "Validation Date": "08/04/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2697.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2697", "detail_available": true, "module_name": "Ciena 6500 Flex3 WaveLogic 3e OCLD Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Ciena 6500 Packet-Optical Platform Flex3 WaveLogic 3e OCLD Encryption Module offers an integrated transport encryption solution providing protocol-agnostic 100Gb/s or 200Gb/s wirespeed encryption service for enterprises, datacenters, government and also offered through service providers as differentiated managed service.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2696", "Certificate Number": "2696", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, and SRX650 Services Gateways", "Module Type": "Hardware", "Validation Date": "08/04/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2696.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2696", "detail_available": true, "module_name": "Juniper Networks SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, and SRX650 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2695", "Certificate Number": "2695", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive (SED) FIPS 140-2 Module", "Module Type": "Hardware", "Validation Date": "08/03/201605/23/201708/31/201710/30/201701/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2695.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2695", "detail_available": true, "module_name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive (SED) FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The ‘Seagate Secure® TCG Opal SSC Self-Encrypting Drive (SED) FIPS 140-2 Module’ is embodied in Seagate Laptop thin and Laptop Self-Encrypting Drive model disk drives. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2694", "Certificate Number": "2694", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Board", "Module Type": "Hardware", "Validation Date": "08/03/201608/04/201710/06/201704/25/201803/25/201903/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2694.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2694", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 8.1 and 8.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Board provides high speed data at rest encryption for Hitachi storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2693", "Certificate Number": "2693", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint Sidewinder", "Module Type": "Firmware", "Validation Date": "08/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2693.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2693", "detail_available": true, "module_name": "Forcepoint Sidewinder", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2692", "Certificate Number": "2692", "Vendor Name": "Zanjia Electronic Science & Technology (Beijing) Co., Ltd.", "Module Name": "HSM-ZJ2014", "Module Type": "Hardware", "Validation Date": "07/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2692.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2692", "detail_available": true, "module_name": "HSM-ZJ2014", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "HSM-ZJ2014 is a hardware security module, providing cryptographic services including encryption, decryption, signature generation and verification, and key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2690", "Certificate Number": "2690", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "MX240, MX480, and MX960 3D Universal Edge Routers with the Multiservices MPC and Junos 14.2X4-D10.11", "Module Type": "Hardware", "Validation Date": "07/28/201605/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2690.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2690", "detail_available": true, "module_name": "MX240, MX480, and MX960 3D Universal Edge Routers with the Multiservices MPC and Junos 14.2X4-D10.11", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2689", "Certificate Number": "2689", "Vendor Name": "Silk", "Module Name": "Silk Encryption Module", "Module Type": "Software", "Validation Date": "07/27/201607/10/202002/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2689.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2689", "detail_available": true, "module_name": "Silk Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Silk Encryption Module is a standalone cryptographic module for the Silk Cloud Data Platform. The module delivers core cryptographic functions and features robust algorithm support. Silk platform offloads to the Cryptographic Module various crypto functions such as authentication, secure key management, data integrity, management traffic encryption and data at rest encryption.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2688", "Certificate Number": "2688", "Vendor Name": "iStorage Limited", "Module Name": "datAshur Pro 3.0", "Module Type": "Hardware", "Validation Date": "07/26/201603/17/201706/02/201707/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2688.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2688", "detail_available": true, "module_name": "datAshur Pro 3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "iStorage datAshur Secure USB Flash Drive (iStorage datAshur Pro 3.0 or datAshur) is an encrypted storage device that provides a secure way to store and transfer data. User authentication is self-contained via an onboard keypad. User data is protected by hardware-based 256-bit XTS-AES encryption to secure sensitive information in the event that the drive is lost or stolen. The data encryption key (DEK) and other cryptographic parameters are generated within the module on first use through the use of a NIST approved DRBG. The seed for the DRBG is also produced within the module from an NDRNG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2687", "Certificate Number": "2687", "Vendor Name": "SyncDog, Inc.", "Module Name": "SyncDog Cryptographic Module", "Module Type": "Software", "Validation Date": "07/25/201603/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2687.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2687", "detail_available": true, "module_name": "SyncDog Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The SyncDog Cryptographic Module provides validated cryptographic functions for SentinelSecure™ SentinelSecure secures data in transport and data at rest for all applications utilizing its security protocols. SentinelSecure provides a secure mobile communications platform and app containerization.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2686", "Certificate Number": "2686", "Vendor Name": "Micro Focus Data Security", "Module Name": "Voltage Cryptographic Module v.5.0", "Module Type": "Software", "Validation Date": "07/19/201608/04/201608/22/201610/12/201804/15/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2686.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2686", "module_name": "Voltage Cryptographic Module v.5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Voltage Cryptographic Module v.5.0 provides the Validated algorithms used by the SecureMail, SecureFile and SecureData families of products.", "detail_available": true }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2685", "Certificate Number": "2685", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYRUS USB-3 Module", "Module Type": "Hardware", "Validation Date": "07/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2685.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2685", "detail_available": true, "module_name": "SPYRUS USB-3 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SPYRUS USB-3 Module provides multiple security functionalities in a single platform, including WindowsToGo, PKI support, Secure Mass Storage and conventional cryptographic token capabilities. This Module provides Suite-B algorithms that ensure the protection and integrity of User Data and application data on board." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2684", "Certificate Number": "2684", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco C819 ISR, C880 ISR, C890 ISR, CGR 2010, C800M, ESR5921, and IR809", "Module Type": "Hardware", "Validation Date": "07/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2684.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2684", "detail_available": true, "module_name": "Cisco C819 ISR, C880 ISR, C890 ISR, CGR 2010, C800M, ESR5921, and IR809", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Integrated Services Router (ISR) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2683", "Certificate Number": "2683", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Integrated Services Router (ISR) 891W, 1941W, 829W", "Module Type": "Hardware", "Validation Date": "07/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2683.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2683", "detail_available": true, "module_name": "Cisco Integrated Services Router (ISR) 891W, 1941W, 829W", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Integrated Services Router (ISR) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2682", "Certificate Number": "2682", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Integrated Services Router (ISR) 1905 ISR, 1921 ISR, 1941 ISR, 2901 ISR, 2911 ISR, 2921 ISR, 2951 ISR, 3925 ISR, 3925E ISR, 3945 ISR, 3945E ISR, 5915 ESR and 5940 ESR", "Module Type": "Hardware", "Validation Date": "07/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2682.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2682", "detail_available": true, "module_name": "Cisco Integrated Services Router (ISR) 1905 ISR, 1921 ISR, 1941 ISR, 2901 ISR, 2911 ISR, 2921 ISR, 2951 ISR, 3925 ISR, 3925E ISR, 3945 ISR, 3945E ISR, 5915 ESR and 5940 ESR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Integrated Services Router (ISR) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2681", "Certificate Number": "2681", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "Module Type": "Hardware", "Validation Date": "07/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2681.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2681", "detail_available": true, "module_name": "Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed as specified in Appendix A and configured as specified in Tables 4 and 8 and as per Section 9 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high-performance Ethernet edge routing and MPLS applications. These fixed-form routers can store a complete Internet table and are ideal for supporting a wide range of applications in Metro Ethernet, data center, and campus networks. The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2680", "Certificate Number": "2680", "Vendor Name": "LG Electronics, Inc.", "Module Name": "LG Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "07/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2680.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2680", "detail_available": true, "module_name": "LG Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LG Kernel Cryptographic Module is a software library located within the operating system kernel providing a C-language application program interface (API) for use by user and kernel applications that require cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2679", "Certificate Number": "2679", "Vendor Name": "Gemalto SA", "Module Name": "MultiApp V31 Platform", "Module Type": "Hardware", "Validation Date": "07/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2679.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2679", "detail_available": true, "module_name": "MultiApp V31 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The MultiApp ID smart cards are fully compliant with two major industry standards: Sun's Javacard 2.2.1 and Global Platform (GP) Card Specification version 2.1.1. They are therefore Java-GP cards, capable of managing applets in a controlled and secure manner in this multi-applet environment. This platform is delivered with a set of applet already loaded loaded in ROM and that can be installed if proper ordering options have been set.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2678", "Certificate Number": "2678", "Vendor Name": "EF Johnson Technologies", "Module Name": "Johnson Encryption Machine 2 (JEM2)", "Module Type": "Hardware", "Validation Date": "07/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2678.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2678", "detail_available": true, "module_name": "Johnson Encryption Machine 2 (JEM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The EF Johnson Technologies Johnson Encryption Machine 2 (JEM2) is a cryptographic module meeting the FIPS140-2, Level 1 requirement. The JEM2 provides cryptographic operations to support Project 25 infrastructure. The JEM2 supports AES OTAR, AES Key Wrap, AES, ECDSA, DRBG, SHA-1, SHA-256, SHA-512, and HMAC FIPS Approved algorithms.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2677", "Certificate Number": "2677", "Vendor Name": "SonicWall, Inc.", "Module Name": "SMA 6200 and SMA 7200", "Module Type": "Hardware", "Validation Date": "07/15/201606/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2677.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2677", "detail_available": true, "module_name": "SMA 6200 and SMA 7200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "SonicWALL Software SMA 6200 and SMA 7200 are part of the SonicWALL Security Solution Enterprise product family. They provide hardware appliance based VPN Virtual Private Network mobile access solutions to a wide variety of end user devices including Microsoft Windows, Apple OSX, Linux, Apple iOS and Google Android among others." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2676", "Certificate Number": "2676", "Vendor Name": "Cohesity, Inc.", "Module Name": "Cohesity FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "07/11/201610/12/201811/08/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2676.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2676", "detail_available": true, "module_name": "Cohesity FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cohesity FIPS Object Module for OpenSSL is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module. It is incorporated into the CS2000 family of Cohesity Storage Systems.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2675", "Certificate Number": "2675", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs) & NCS 2000 Series", "Module Type": "Hardware", "Validation Date": "07/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2675.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2675", "detail_available": true, "module_name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs) & NCS 2000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 6 of the Security Policy with tamper evident seals installed as indicated in Section 5.6 of the Security Policy and when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco ONS 15454 Multiservice Transport Platforms (MSTPs) and NCS 2000 Series provide capital and operational efficiency by addressing the increasing demand for multiple services, greater transport capacity, networking flexibility, multiple distance options, and management simplicity in a single platform.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2674", "Certificate Number": "2674", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "07/11/201609/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2674.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2674", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2673", "Certificate Number": "2673", "Vendor Name": "MRV Communications Inc.", "Module Name": "LX-4000T Series Console Servers", "Module Type": "Hardware", "Validation Date": "07/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2673.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2673", "detail_available": true, "module_name": "LX-4000T Series Console Servers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocols IPsec, SNMP, SSH and TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The LX-4000T Series Console Servers are a key component of MRV's Out-of-Band Network solution. Out-of-Band Networks provide secure remote service port access and remote power control to devices in an organization's networks and infrastructures. This nearly eliminates the need for physical presence at a device to correct problems or manage its everyday operation. MRV's Out-of-Band Network solution includes console servers, terminal servers, device servers, remote power control and management system, making the LX Series an ideal choice for secure remote access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2672", "Certificate Number": "2672", "Vendor Name": "Information Assurance Specialists, Inc.", "Module Name": "IAS Router", "Module Type": "Hardware", "Validation Date": "07/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2672.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2672", "detail_available": true, "module_name": "IAS Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "IAS Routers are purpose-built secure IP Routers/VPN Gateways designed to be small, lightweight, low power consumption, highly portable devices able to leverage a wide range of WAN connectivity options to allow secure communications back to a central site from nearly anywhere on the planet.", "algorithms": [ "AES", "DRBG", "ECDH", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2671", "Certificate Number": "2671", "Vendor Name": "Duo Security, Inc.", "Module Name": "Duo Security Cryptographic Module", "Module Type": "Software", "Validation Date": "07/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2671.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2671", "detail_available": true, "module_name": "Duo Security Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1938. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Duo Security Cryptographic Module is a cryptographic engine for mobile devices. The module delivers core cryptographic functions to Duo Security's Two-Factor Authentication mobile application.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2670", "Certificate Number": "2670", "Vendor Name": "Ceragon Networks, Ltd.", "Module Name": "FibeAir® IP-20C, FibeAir® IP-20S, FibeAir® IP-20N, FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX", "Module Type": "Hardware", "Validation Date": "07/04/201610/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2670.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2670", "detail_available": true, "module_name": "FibeAir® IP-20C, FibeAir® IP-20S, FibeAir® IP-20N, FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "FibeAir IP-20 platform provides secured wireless backhaul solutions to deliver mission-critical multimedia services, 4G and other applications with high security and reliability. The platform provides multi gigabit wireless links in 4-86GHz frequency bands, supporting IP and TDM services in a wide range of topologies and network architectures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2669", "Certificate Number": "2669", "Vendor Name": "INTEGRITY Security Services", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Software", "Validation Date": "06/30/201608/08/201612/06/201612/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2669.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2669", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Green Hills Software/INTEGRITY Security Services (ISS) ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2668", "Certificate Number": "2668", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Network Router (MNR) S6000", "Module Type": "Hardware", "Validation Date": "06/30/201608/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2668.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2668", "detail_available": true, "module_name": "Motorola Network Router (MNR) S6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "MNR S6000 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S6000 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S6000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols.", "algorithms": [ "DES", "DSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2667", "Certificate Number": "2667", "Vendor Name": "Micron Technology, LLC", "Module Name": "Micron S650DC® SAS TCG Enterprise SSC Self-Encrypting Drive", "Module Type": "Hardware", "Validation Date": "06/30/201601/19/201706/29/201704/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2667.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2667", "detail_available": true, "module_name": "Micron S650DC® SAS TCG Enterprise SSC Self-Encrypting Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 7 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Micron Secure ® TCG Enterprise SSC Self-Encrypting Drive FIPS 140-2 Module is embodied in Micron S650DC SAS SED model solid state drive. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption (AES-XTS), instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2666", "Certificate Number": "2666", "Vendor Name": "Cambium Networks, Ltd.", "Module Name": "PTP 700 Point to Point Wireless Ethernet Bridge", "Module Type": "Hardware", "Validation Date": "06/29/201605/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2666.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2666", "detail_available": true, "module_name": "PTP 700 Point to Point Wireless Ethernet Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The PTP 700 is deployed in pairs to create a wireless bridge between two Ethernet networks. The Module operates in licensed, lightly-licensed, and unlicensed frequency bands between 4400 MHz and 5875 MHz, in channel bandwidths up to 45 MHz, providing aggregate data rates up to 450 Mbit/s. The Module transmits and receives Ethernet frames as plaintext, and transmits and receives encrypted wireless signals. The Module is available in 24 different variants, consisting of combinations of physical format, regional variants, capacity variants and ATEX/HAZLOC units." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2665", "Certificate Number": "2665", "Vendor Name": "DocuSign, Inc.", "Module Name": "DocuSign Signature Appliance", "Module Type": "Hardware", "Validation Date": "06/21/201607/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2665.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2665", "detail_available": true, "module_name": "DocuSign Signature Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2664", "Certificate Number": "2664", "Vendor Name": "Advanced Card Systems Ltd.", "Module Name": "ACOS5-64", "Module Type": "Hardware", "Validation Date": "06/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2664.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2664", "detail_available": true, "module_name": "ACOS5-64", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Initialization. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Single Chip", "description": "ACOS5-64 is a hardware cryptographic module validated against FIPS 140-2 at Security Level 3. It is a two-factor authentication smart card module. It provides digital signature creation/verification for online authentication and data encryption/decryption for online transactions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2663", "Certificate Number": "2663", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "Module Type": "Hardware", "Validation Date": "06/20/201606/23/201602/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2663.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2663", "detail_available": true, "module_name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2662", "Certificate Number": "2662", "Vendor Name": "LG Electronics, Inc.", "Module Name": "LG Framework Cryptographic Module", "Module Type": "Software", "Validation Date": "06/17/201609/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2662.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2662", "detail_available": true, "module_name": "LG Framework Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The protocol TLS shall not be used when operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The LG Framework Cryptographic Module is a software library that provides cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2661", "Certificate Number": "2661", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HPE 6125XLG Blade Switches", "Module Type": "Hardware", "Validation Date": "06/16/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2661.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2661", "detail_available": true, "module_name": "HPE 6125XLG Blade Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HPE Networking device is suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. The device includes fixed-port L2/L3 managed Ethernet switch appliances. This device is based on the Comware 7.1 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2660", "Certificate Number": "2660", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "Module Type": "Hardware", "Validation Date": "06/16/201607/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2660.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2660", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series, is a FIPS 140-2 Level 2 SSD (Solid State Drive), supporting TCG Enterprise SSC based SED (Self-Encrypting Drive) features, designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES HW engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2658", "Certificate Number": "2658", "Vendor Name": "Rubrik Inc.", "Module Name": "Rubrik Cryptographic Library", "Module Type": "Software", "Validation Date": "06/15/201602/11/202209/27/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2658.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2658", "detail_available": true, "module_name": "Rubrik Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Rubrik Cryptographic Library provides FIPS 140-2 validated cryptographic functions (including Suite B algorithms) for Rubrik’s Hybrid Appliances.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2657", "Certificate Number": "2657", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux libgcrypt Cryptographic Module v4.0 [1] and Red Hat Enterprise Linux libgcrypt Cryptographic Module v5.0 [2]", "Module Type": "Software", "Validation Date": "06/13/201607/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2657.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2657", "detail_available": true, "module_name": "Red Hat Enterprise Linux libgcrypt Cryptographic Module v4.0 [1] and Red Hat Enterprise Linux libgcrypt Cryptographic Module v5.0 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The libgcrypt FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the libgcrypt library delivered with RHEL 7.1 [1] and RHEL 7.4 [2]." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2656", "Certificate Number": "2656", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola GGM 8000 Gateway", "Module Type": "Hardware", "Validation Date": "06/09/201607/06/201608/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2656.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2656", "detail_available": true, "module_name": "Motorola GGM 8000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "GGM 8000 devices are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, GGM 8000 perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal packet forwarding functions, the GGM 8000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols.", "algorithms": [ "DES", "DSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2655", "Certificate Number": "2655", "Vendor Name": "Nuvoton Technology Corporation", "Module Name": "NPCT6XX TPM 1.2", "Module Type": "Hardware", "Validation Date": "06/09/201608/19/201602/15/201810/22/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2655.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2655", "detail_available": true, "module_name": "NPCT6XX TPM 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized, and configured as specified in the Security Policy Section 8", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Nuvoton NPCT6XX TPM 1.2 is a hardware cryptographic module that implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography; as well as key generation and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2654", "Certificate Number": "2654", "Vendor Name": "Broadcom Ltd.", "Module Name": "BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0", "Module Type": "Hardware", "Validation Date": "06/07/201606/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2654.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2654", "detail_available": true, "module_name": "BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Highly integrated, low power, security processor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2653", "Certificate Number": "2653", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Adaptive Security Appliance (ASA) Virtual", "Module Type": "Software", "Validation Date": "06/06/201608/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2653.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2653", "detail_available": true, "module_name": "Cisco Adaptive Security Appliance (ASA) Virtual", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA Virtual Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2652", "Certificate Number": "2652", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Data Security Manager Module", "Module Type": "Hardware", "Validation Date": "06/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2652.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2652", "detail_available": true, "module_name": "Vormetric Data Security Manager Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When Operated in FIPS mode. The protocol SSH shall not be used when operated in FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Vormetric Data Security Server is a multi-chip standalone cryptographic module. The Vormetric Data Security Server is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Transparent Encryption Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2651", "Certificate Number": "2651", "Vendor Name": "Huawei Technologies Co., Ltd.", "Module Name": "Huawei FIPS Cryptographic Library (HFCL)", "Module Type": "Software", "Validation Date": "06/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2651.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2651", "detail_available": true, "module_name": "Huawei FIPS Cryptographic Library (HFCL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 6.1. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Huawei FIPS Cryptographic Library (HFCL) is a software cryptographic module which provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2650", "Certificate Number": "2650", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Service Module (SM)", "Module Type": "Hardware", "Validation Date": "06/02/201608/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2650.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2650", "detail_available": true, "module_name": "Cisco ASA Service Module (SM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The Cisco ASA Service Module (SM) provides comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2649", "Certificate Number": "2649", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® ICX ™ 6610 and ICX 7450 Series", "Module Type": "Hardware", "Validation Date": "05/27/201607/14/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2649.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2649", "detail_available": true, "module_name": "Brocade® ICX ™ 6610 and ICX 7450 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed and with configurations as defined in Table 5 of the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ICX 6610 series is an access layer Gigabit Ethernet switch designed from the ground up for the enterprise data center environment. The Brocade 7450 Switch delivers the performance and scalability required for enterprise Gigabit Ethernet (GbE) access deployments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2648", "Certificate Number": "2648", "Vendor Name": "NetApp, Inc.", "Module Name": "NetApp Cryptographic Security Module", "Module Type": "Software", "Validation Date": "05/27/201606/10/201610/29/201902/10/202107/20/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2648.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2648", "detail_available": true, "module_name": "NetApp Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The NetApp Cryptographic Security Module is a software library that provides cryptographic services to a vast array of NetApp's storage and networking products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2647", "Certificate Number": "2647", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYCOS® 3.0 QFN", "Module Type": "Hardware", "Validation Date": "05/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2647.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2647", "detail_available": true, "module_name": "SPYCOS® 3.0 QFN", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "SPYCOS® 3.0 is a hardware encryption engine in QFN form factor supporting Suite B functionality that is ideal for embedded and secure flash storage applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2646", "Certificate Number": "2646", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.1", "Module Type": "Software-Hybrid", "Validation Date": "05/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2646.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2646", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The Harware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2645", "Certificate Number": "2645", "Vendor Name": "Harris Corporation", "Module Name": "RF-7800W Broadband Ethernet Radio", "Module Type": "Hardware", "Validation Date": "05/13/201612/02/201612/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2645.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2645", "detail_available": true, "module_name": "RF-7800W Broadband Ethernet Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and the tamper evident seals installed as indicated in Section 2.4 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RF-7800W(-OU47x,-OU49x,-OU50x) Broadband Ethernet Radio(BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system and is designed for long haul backbone systems. The BER operates in the 4.4 - 5.8 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training and simulation networks and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point and Point to Multipoint in the same platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2644", "Certificate Number": "2644", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+", "Module Type": "Hardware", "Validation Date": "05/13/201608/17/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2644.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2644", "detail_available": true, "module_name": "nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+, nShield F3 6000+ for nShield Connect+ are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2643", "Certificate Number": "2643", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 500+, nShield F2 1500+ and nShield F2 6000+", "Module Type": "Hardware", "Validation Date": "05/13/201606/20/201807/27/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2643.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2643", "detail_available": true, "module_name": "nShield F2 500+, nShield F2 1500+ and nShield F2 6000+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F2 500+, nShield F2 1500+, nShield F2 6000+ are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2642", "Certificate Number": "2642", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock", "Module Type": "Hardware", "Validation Date": "05/13/201607/24/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2642.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2642", "detail_available": true, "module_name": "MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The MiniHSM, MiniHSM for nShield Edge F2 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2641", "Certificate Number": "2641", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "Module Type": "Hardware", "Validation Date": "05/13/201601/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2641.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2641", "detail_available": true, "module_name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F2 10e, nShield F2 500e, nShield F2 1500e, nShield F2 6000e are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2640", "Certificate Number": "2640", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect", "Module Type": "Hardware", "Validation Date": "05/13/201601/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2640.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2640", "detail_available": true, "module_name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F3 10e, nShield F3 500e, nShield F3 1500e, nShield F3 6000e, nShield F3 500e for nShield Connect, nShield F3 1500e for nShield Connect, nShield F3 6000e for nShield Connect are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2639", "Certificate Number": "2639", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM, MiniHSM for nShield Edge F3, and MiniHSM for Time Stamp Master Clock", "Module Type": "Hardware", "Validation Date": "05/13/201606/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2639.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2639", "detail_available": true, "module_name": "MiniHSM, MiniHSM for nShield Edge F3, and MiniHSM for Time Stamp Master Clock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The MiniHSM, MiniHSM for nShield Edge F3 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2638", "Certificate Number": "2638", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+", "Module Type": "Hardware", "Validation Date": "05/13/201606/20/201807/27/201806/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2638.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2638", "detail_available": true, "module_name": "nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+, nShield F3 6000+ for nShield Connect+ are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2637", "Certificate Number": "2637", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "Module Type": "Hardware", "Validation Date": "05/13/201609/08/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2637.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2637", "detail_available": true, "module_name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2636", "Certificate Number": "2636", "Vendor Name": "Redline Communications", "Module Name": "RDL-3000 and eLTE-MT", "Module Type": "Hardware", "Validation Date": "05/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2636.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2636", "detail_available": true, "module_name": "RDL-3000 and eLTE-MT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The RDL-3000, Elte-MT Broadband Wireless Systems by Redline Communications leverage proven orthogonal frequency-division multiplexing (OFDM) technology to deliver high-speed Ethernet throughput over wireless links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2635", "Certificate Number": "2635", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena 6500 Packet-Optical Platform 4x10G", "Module Type": "Hardware", "Validation Date": "05/13/201608/15/201605/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2635.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2635", "detail_available": true, "module_name": "Ciena 6500 Packet-Optical Platform 4x10G", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The 6500 Packet Optical Platform 4x10G OTR with encryption card offers an integrated and protocol agnostic transport encryption solution in a high density form factor. With 4 independent AES-256 10G encryption engines, this ultra-low latency wirespeed encryption solution is designed for deployments within enterprises of all sizes, government agencies and datacenters, whether as standalone encryption solution or as part of a service provider managed service offering.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2634", "Certificate Number": "2634", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Enterprise SSC 1200.2 SSD Self-Encrypting Drive", "Module Type": "Hardware", "Validation Date": "05/13/201610/25/201608/31/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2634.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2634", "detail_available": true, "module_name": "Seagate Secure® TCG Enterprise SSC 1200.2 SSD Self-Encrypting Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in Section 7 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Seagate Secure® TCG Enterprise SSC Self-Encrypting Drive FIPS 140-2 Module is embodied in Seagate 1200.2 SSD SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2633", "Certificate Number": "2633", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "05/12/201606/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2633.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2633", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 7.1 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7.1. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2632", "Certificate Number": "2632", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL SM 9800", "Module Type": "Hardware", "Validation Date": "05/12/201606/12/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2632.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2632", "detail_available": true, "module_name": "SonicWALL SM 9800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SonicWALL™ SuperMassive™ Series is SonicWALL's Next-Generation Firewall (NGFW) platform designed for large networks to deliver scalability, reliability and deep security at multi-gigabit speeds with near zero latency." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2631", "Certificate Number": "2631", "Vendor Name": "Intel Corporation", "Module Name": "Intel OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "05/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2631.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2631", "detail_available": true, "module_name": "Intel OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Intel OpenSSL FIPS Object Module provides cryptographic services for Intel Security products.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2630", "Certificate Number": "2630", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "05/02/201606/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2630.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2630", "detail_available": true, "module_name": "Red Hat Enterprise Linux OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 7.1 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7.1. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2629", "Certificate Number": "2629", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "ZBR-88W8787-WLAN", "Module Type": "Firmware-Hybrid", "Validation Date": "05/01/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2629.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2629", "detail_available": true, "module_name": "ZBR-88W8787-WLAN", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The ZBR-88W8787-WLAN Module implements cryptographic support for Zebra wireless devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2628", "Certificate Number": "2628", "Vendor Name": "Giesecke+Devrient Mobile Security GmbH", "Module Name": "StarSign Crypto-USB Token S powered by Sm@rtCafé Expert 7.0 Secure Element", "Module Type": "Hardware", "Validation Date": "04/28/201607/03/201703/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2628.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2628", "detail_available": true, "module_name": "StarSign Crypto-USB Token S powered by Sm@rtCafé Expert 7.0 Secure Element", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "StarSign Crypto-USB Token S powered by Sm@rtCafé Expert 7.0 Secure Element is a highly secured and integrated smartcard-based platform from Giesecke & Devrient complying with JavaCard Classic 3.0.4 and GlobalPlatform 2.2.1 standards. The Sm@rtCafé Expert 7.0 OS-platform is deployed in national ID, ePassport, authentication and digital signature programs with match-on-card biometric verification. StarSign Crypto-USB Token S is the ideal platform in a USB-Token form factor for secure logical access, online tax declaration, web based online authentication applications using FIDO and certificate", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2626", "Certificate Number": "2626", "Vendor Name": "Century Longmai Technology Co. Ltd", "Module Name": "mToken CryptoID", "Module Type": "Hardware", "Validation Date": "04/14/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2626.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2626", "detail_available": true, "module_name": "mToken CryptoID", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "mToken CryptoID is designed based on a secure smartcard chip that utilizes the in-built mCOS to communicate with computer device via USB interface in a \"plug and play\" manner. It can realize various Public Key Infrastructure (PKI) applications including digital signature, online authentications, online transactions, software security, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2625", "Certificate Number": "2625", "Vendor Name": "ECI Telecom Ltd.", "Module Name": "ECI TR10_4EN Encryption Module", "Module Type": "Hardware", "Validation Date": "04/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2625.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2625", "detail_available": true, "module_name": "ECI TR10_4EN Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "TR10_4EN is a ‘1U’ sized card that fits into ECI’s Apollo chassis.", "algorithms": [ "AES", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2624", "Certificate Number": "2624", "Vendor Name": "Siemens PLM Software Inc.", "Module Name": "Teamcenter Cryptographic Module", "Module Type": "Software", "Validation Date": "04/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2624.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2624", "detail_available": true, "module_name": "Teamcenter Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Teamcenter powers innovation and productivity by connecting people and processes with knowledge. Teamcenter is the de facto standard for PLM deployment, providing solutions to drive business performance goals. This includes the need to increase the yield of innovation, compress time-to-market, meet business and regulatory requirements, optimize operational resources and maximize globalization advantages. With this FCAP-FIPS certification status, Teamcenter now offers the best in class and highest levels of encryption to our security-conscious customers.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2622", "Certificate Number": "2622", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - NSS Module", "Module Type": "Software", "Validation Date": "04/22/201607/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2622.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2622", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - NSS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2621", "Certificate Number": "2621", "Vendor Name": "Forcepoint", "Module Name": "Websense C Cryptographic Module", "Module Type": "Software", "Validation Date": "04/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2621.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2621", "detail_available": true, "module_name": "Websense C Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Websense produces a family of web, e-mail and data security solutions that can be deployed on pre-configured, security hardened hardware or as customer installable software. The Websense C Crypto Module provides support for cryptographic and secure communications services for these solutions.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2620", "Certificate Number": "2620", "Vendor Name": "Palo Alto Networks", "Module Name": "Palo Alto Networks VM-Series", "Module Type": "Software", "Validation Date": "04/21/201609/08/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2620.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2620", "detail_available": true, "module_name": "Palo Alto Networks VM-Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security and advanced threat prevention features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2619", "Certificate Number": "2619", "Vendor Name": "Vocera Communications, Inc.", "Module Name": "Vocera Cryptographic Module v3.0", "Module Type": "Software-Hybrid", "Validation Date": "04/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2619.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2619", "detail_available": true, "module_name": "Vocera Cryptographic Module v3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Vocera B3000n Badge is a wearable hands-free voice-controlled device that provides easy-to-use and instantaneous communication on a wireless LAN network. The Vocera Cryptographic Module, embedded in the B3000n Badge, ensures protected communications using industry-standard secure wireless communication protocols.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2618", "Certificate Number": "2618", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Adaptive Security Appliances", "Module Type": "Hardware", "Validation Date": "04/19/201608/10/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2618.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2618", "detail_available": true, "module_name": "Cisco ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Adaptive Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2617", "Certificate Number": "2617", "Vendor Name": "Palo Alto Networks", "Module Name": "WildFire WF-500", "Module Type": "Hardware", "Validation Date": "04/18/201602/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2617.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2617", "detail_available": true, "module_name": "WildFire WF-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "WildFire WF-500 identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2616", "Certificate Number": "2616", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-3060 and PA-7080 Firewalls", "Module Type": "Hardware", "Validation Date": "04/18/201609/08/201601/11/201802/13/201802/21/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2616.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2616", "detail_available": true, "module_name": "PA-3060 and PA-7080 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Palo Alto Networks PA-3060 and PA-7080 firewalls provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications, instead of the traditional \"all-or-nothing\" approach offered by traditional port-blocking firewalls used in many security infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2615", "Certificate Number": "2615", "Vendor Name": "Mojo Networks, Inc.", "Module Name": "AirTight Wireless Sensor", "Module Type": "Hardware", "Validation Date": "04/12/201604/14/201604/15/201604/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2615.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2615", "detail_available": true, "module_name": "AirTight Wireless Sensor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The module performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and denial of service attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2613", "Certificate Number": "2613", "Vendor Name": "Nokia Corporation", "Module Name": "SR-OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "04/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2613.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2613", "detail_available": true, "module_name": "SR-OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in the Security Policy Section 9.1", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The SR-OS Cryptographic Module (SRCM) provides the cryptographic algorithm functions needed to allow SR-OS to implement cryptography for those services and protocols that require it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2612", "Certificate Number": "2612", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "Qualcomm Pseudo Random Number Generator", "Module Type": "Hardware", "Validation Date": "04/08/201606/12/201702/12/201810/10/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2612.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2612", "detail_available": true, "module_name": "Qualcomm Pseudo Random Number Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "Qualcomm Pseudo Random Number Generator is a hardware random number generator that provides cryptographic functions through on-chip entropy sources and hash based DRBG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2611", "Certificate Number": "2611", "Vendor Name": "Silent Circle", "Module Name": "Java Crypto Module", "Module Type": "Software", "Validation Date": "04/07/201606/20/201603/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2611.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2611", "detail_available": true, "module_name": "Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Java Crypto Module provides cryptographic functions for SilentOS from Silent Circle.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2610", "Certificate Number": "2610", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Module, v6.0", "Module Type": "Software", "Validation Date": "04/05/201603/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2610.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2610", "detail_available": true, "module_name": "Apple OS X CoreCrypto Module, v6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2609", "Certificate Number": "2609", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Kernel Module v6.0", "Module Type": "Software", "Validation Date": "04/05/201603/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2609.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2609", "detail_available": true, "module_name": "Apple iOS CoreCrypto Kernel Module v6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2608", "Certificate Number": "2608", "Vendor Name": "Sonus Networks, Inc.", "Module Name": "SBC 5110 and 5210 Session Border Controllers", "Module Type": "Hardware", "Validation Date": "04/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2608.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2608", "detail_available": true, "module_name": "SBC 5110 and 5210 Session Border Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SBC 5110 and 5210 Session Border Controllers are high-performance air-cooled, 2U, IP encryption appliances that provide secure SIP-based communications with robust security, reduced latency, real-time encryption (VOIP signaling and media traffic), media transcoding, flexible SIP session routing & policy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607", "Certificate Number": "2607", "Vendor Name": "Microsoft Corporation", "Module Name": "Secure Kernel Code Integrity (skci.dll) in Microsoft Windows 10 Enterprise, Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "06/02/201608/26/201604/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607", "detail_available": true, "module_name": "Secure Kernel Code Integrity (skci.dll) in Microsoft Windows 10 Enterprise, Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606", "Certificate Number": "2606", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "06/02/201608/26/201606/10/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2606.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606", "detail_available": true, "module_name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2605 operating in FIPS mode and Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #3469 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605", "Certificate Number": "2605", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "06/02/201608/26/201606/06/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2601 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2602 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2701 or #3451 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise validated to FIPS 140-2 under Cert. #2702 or #3464 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3427 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3426 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604", "Certificate Number": "2604", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "Module Type": "Software", "Validation Date": "06/02/201608/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2601 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2602 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2701 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise validated to FIPS 140-2 under Cert. #2702 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603", "Certificate Number": "2603", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "06/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2603.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603", "detail_available": true, "module_name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB under Cert. #2604 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Dump Filter (dumpfve.sys) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602", "Certificate Number": "2602", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "06/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2600 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601", "Certificate Number": "2601", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "06/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2600 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600", "Certificate Number": "2600", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "Module Type": "Software", "Validation Date": "06/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2599", "Certificate Number": "2599", "Vendor Name": "IBM", "Module Name": "IBM Cloud Object Storage System’s™ FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/01/201604/12/201603/31/201703/27/201806/04/202003/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2599.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2599", "detail_available": true, "module_name": "IBM Cloud Object Storage System’s™ FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM Cloud Object Storage System’s™ FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of ClevOS™ FIPS Edition, the underlying technology for IBM Cloud Object Store Appliances.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2598", "Certificate Number": "2598", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "04/01/201612/21/201712/04/201812/06/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2598.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2598", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2597", "Certificate Number": "2597", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Kernel Module v6.0", "Module Type": "Software", "Validation Date": "03/29/201603/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2597.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2597", "detail_available": true, "module_name": "Apple OS X CoreCrypto Kernel Module v6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple OS X CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2596", "Certificate Number": "2596", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor NS-9300 P", "Module Type": "Hardware", "Validation Date": "03/29/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2596.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2596", "detail_available": true, "module_name": "Network Security Platform Sensor NS-9300 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2595", "Certificate Number": "2595", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiCOS PKI Native Smart Card Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/29/201611/29/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2595.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2595", "detail_available": true, "module_name": "HiCOS PKI Native Smart Card Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The HiCOS PKI native smart card module is a single chip implementation of a cryptographic module. The HiCOS PKI native smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The module consists of the chip (ICC), the contact faceplate, and the electronic connectors between the chip and contact pad, all contained within an epoxy substrate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2594", "Certificate Number": "2594", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Module v6.0", "Module Type": "Software", "Validation Date": "03/29/201603/11/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2594.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2594", "detail_available": true, "module_name": "Apple iOS CoreCrypto Module v6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Apple iOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2593", "Certificate Number": "2593", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor NS-9300 S", "Module Type": "Hardware", "Validation Date": "03/29/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2593.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2593", "detail_available": true, "module_name": "Network Security Platform Sensor NS-9300 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2592", "Certificate Number": "2592", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Zebra DCS Cryptographic Library", "Module Type": "Firmware", "Validation Date": "03/25/201608/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2592.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2592", "detail_available": true, "module_name": "Zebra DCS Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This validation entry is a non-security relevant modification to Cert. #1467", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The Zebra DCS Cryptographic Library provides FIPS 140-2 Level 1 certified encryption and security practices to protect data sensitive transmission between the Embedded devices which include cordless scanners, cradles and terminals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2591", "Certificate Number": "2591", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor NS-9100 and NS-9200", "Module Type": "Hardware", "Validation Date": "03/24/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2591.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2591", "detail_available": true, "module_name": "Network Security Platform Sensor NS-9100 and NS-9200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2590", "Certificate Number": "2590", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "CoSign", "Module Type": "Hardware", "Validation Date": "03/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2590.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2590", "detail_available": true, "module_name": "CoSign", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2589", "Certificate Number": "2589", "Vendor Name": "Sonus Networks, Inc.", "Module Name": "SBC 7000 Session Border Controller", "Module Type": "Hardware", "Validation Date": "03/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2589.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2589", "detail_available": true, "module_name": "SBC 7000 Session Border Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The SBC 7000 Session Border Controller is a high-performance air-cooled, 5U, IP encryption appliances that provide secure SIP-based communications with robust security, reduced latency, real-time encryption (VOIP signaling and media traffic), media transcoding, flexible SIP session routing & policy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2587", "Certificate Number": "2587", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HP BladeSystem Onboard Administrator Firmware", "Module Type": "Firmware", "Validation Date": "03/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2587.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2587", "detail_available": true, "module_name": "HP BladeSystem Onboard Administrator Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as indicated in the Security Policy in Section 3", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The module provides administrative control of HP BladeSystem c-Class enclosures. The cryptographic functions of the module provide security for administrative access via HTTPS and SSH, and to administrative commands for the BladeSystem enclosure.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2586", "Certificate Number": "2586", "Vendor Name": "Integral Memory PLC.", "Module Name": "Integral AES 256 Bit Crypto SSD Underlying PCB", "Module Type": "Hardware", "Validation Date": "03/21/201606/21/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2586.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2586", "detail_available": true, "module_name": "Integral AES 256 Bit Crypto SSD Underlying PCB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Integral Crypto SSD is the Full Disk Encryption solution for Windows desktops and laptops. Featuring AES 256-bit Hardware Encryption so you can encrypt and protect your sensitive data and get the speed, reliability and power benefits of SSD. It comes in 32 GB, 64 GB, 128 GB, 256 GB, 512 GB, 1 TB and 2 TB SATA II & III versions. The devices feature an epoxy resin coating around both the circuit components and the printed circuit board (PCB)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2585", "Certificate Number": "2585", "Vendor Name": "EMC Corporation", "Module Name": "VNX 6 Gb/s SAS I/O Module with Encryption from EMC", "Module Type": "Hardware", "Validation Date": "03/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2585.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2585", "detail_available": true, "module_name": "VNX 6 Gb/s SAS I/O Module with Encryption from EMC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The VNX 6Gb/s SAS I/O Module with Encryption is an optimized solution for native SAS/SATA HBA applications. It is the heart of any VNX storage system, providing the interface to the physical storage media. Its benefits include cost and universal drive support for SAS and SATA disks. The VNX 6Gb/s SAS I/O Module with Encryption is a high-density SAS controller solution that significantly increases total system performance, diagnostics, scalability and manageability. It provides the highest density, lowest power/port SAS controller solution available.", "algorithms": [ "AES", "KTS", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2584", "Certificate Number": "2584", "Vendor Name": "Advantech B+B Smartworx", "Module Name": "Advantech B+B SmartWorx Cryptographic Module", "Module Type": "Software", "Validation Date": "03/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2584.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2584", "detail_available": true, "module_name": "Advantech B+B SmartWorx Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Advantech B+B SmartWorx Cryptographic Module is a software module that provides cryptographic services to Advantech B+B SmartWorx products. The module provides a number of FIPS 140 validated cryptographic algorithms for services such as IPsec. The module provides applications with a library interface that enables them to access the various cryptographic algorithm functions supplied by the module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2583", "Certificate Number": "2583", "Vendor Name": "Box, Inc.", "Module Name": "Box JCA Cryptographic Module", "Module Type": "Software", "Validation Date": "03/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2583.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2583", "detail_available": true, "module_name": "Box JCA Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Box JCA Cryptographic Module is a Java Cryptography Architecture provider that provides encryption, hashing and random number generation utilizing FIPS 140-2 validated algorithms.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2582", "Certificate Number": "2582", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.6 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "03/16/201604/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2582.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2582", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.6 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Network Security Services (NSS) Module validated to FIPS 140-2 under Cert. #2564 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 6.6 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2581", "Certificate Number": "2581", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye HX Series: HX 4400, HX 4400D, HX 4402, HX 9402", "Module Type": "Hardware", "Validation Date": "03/14/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2581.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2581", "detail_available": true, "module_name": "FireEye HX Series: HX 4400, HX 4400D, HX 4402, HX 9402", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye HX series appliances enable security operations teams to correlate network and endpoint activity. Organizations can automatically investigate alerts generated by FireEye Threat Prevention Platforms, log management, and network security products, apply intelligence from FireEye to continuously validate Indicators of Compromises on the endpoints and identify if a compromise has occurred and assess the potential risk.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2580", "Certificate Number": "2580", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye MX Series: MX 900, MX 8400", "Module Type": "Hardware", "Validation Date": "03/14/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2580.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2580", "detail_available": true, "module_name": "FireEye MX Series: MX 900, MX 8400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye MX series appliances are mobile management platforms that work in conjunction with the FireEye MTP App to assimilate and disperse threat information to mobile endpoints, and offer integration with MDM solutions for a true detect to fix solution.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2579", "Certificate Number": "2579", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "QTI Inline Crypto Engine (UFS)", "Module Type": "Hardware", "Validation Date": "03/11/201602/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2579.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2579", "detail_available": true, "module_name": "QTI Inline Crypto Engine (UFS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "QTI Inline Crypto Engine (UFS) provides high throughput storage data encryption and decryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2578", "Certificate Number": "2578", "Vendor Name": "IBM Security", "Module Name": "IBM Security Network Intrusion Prevention System Version 4.6.2", "Module Type": "Hardware", "Validation Date": "03/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2578.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2578", "detail_available": true, "module_name": "IBM Security Network Intrusion Prevention System Version 4.6.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Network Intrusion Prevention System (NIPS) automatically blocks malicious attacks while preserving network bandwidth and availability. The appliances are purpose-built, Layer 2 network security appliances that you can deploy either at the gateway or the network to block intrusion attempts, denial of service (DoS) attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list of threats without requiring extensive network reconfiguration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2577", "Certificate Number": "2577", "Vendor Name": "Aruba, a Hewlett Packard Enterprise Company", "Module Name": "Aruba Linux Cryptographic Module", "Module Type": "Software", "Validation Date": "03/02/201611/10/202003/15/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2577.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2577", "detail_available": true, "module_name": "Aruba Linux Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #2038.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba Linux Cryptographic Module implements full and approved cryptographic algorithm support, including Suite B algorithm compliance, for Aruba products. It provides secure key management, data integrity, data at rest encryption, and secure communications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2576", "Certificate Number": "2576", "Vendor Name": "Zinc Inc.", "Module Name": "Zinc Cryptographic Module", "Module Type": "Software", "Validation Date": "03/02/201608/08/201612/12/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2576.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2576", "detail_available": true, "module_name": "Zinc Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Zinc Cryptographic Module provides cryptographic functions for Zinc Inc.’s mobile applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2575", "Certificate Number": "2575", "Vendor Name": "Cellcrypt", "Module Name": "Cellcrypt Secure Core 3 FIPS 140-2 Module", "Module Type": "Software", "Validation Date": "03/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2575.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2575", "detail_available": true, "module_name": "Cellcrypt Secure Core 3 FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Cellcrypt Secure Core 3 FIPS 140-2 Module Version 2.0.10 is a cryptographic software library providing privacy, authentication and integrity services. There are three major protocol groups supported: - Offline or store-and-forward based protocols - File storage and message attachments - Online or session-based protocols", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2574", "Certificate Number": "2574", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "iLO 4 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2574.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2574", "detail_available": true, "module_name": "iLO 4 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HP Integrated Lights-Out 4 (HP iLO 4) built into HP ProLiant Gen8 and Gen9 servers is an autonomous secure management component embedded directly on the server motherboard. iLO helps simplify initial server setup, power and thermal optimization, remote server administration, and provides server health monitoring with the HP Active Health System (AHS).", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2573", "Certificate Number": "2573", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba Common Cryptographic Module", "Module Type": "Software", "Validation Date": "03/01/201602/28/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2573.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2573", "detail_available": true, "module_name": "Aruba Common Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Aruba Common Cryptographic Module Version 1.0 is a software shared library that provides cryptographic services required by Aruba software applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2572", "Certificate Number": "2572", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 S", "Module Type": "Hardware", "Validation Date": "02/25/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2572.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2572", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2571", "Certificate Number": "2571", "Vendor Name": "Canon U.S.A., Inc.", "Module Name": "Canon imageRUNNER Crypto Module 2.1.1.1 for MEAP", "Module Type": "Software", "Validation Date": "02/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2571.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2571", "detail_available": true, "module_name": "Canon imageRUNNER Crypto Module 2.1.1.1 for MEAP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Canon imageRUNNER Crypto Module for MEAP security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2570", "Certificate Number": "2570", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® Linux Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "02/23/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2570.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2570", "detail_available": true, "module_name": "Security Builder® Linux Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Appendix A", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Certicom Security Builder® Linux Kernel Cryptographic Module is a software-only external Linux Kernel module that provides general-purpose cryptographic services to the remainder of the kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2569", "Certificate Number": "2569", "Vendor Name": "Hiddn Security AS", "Module Name": "CM1+", "Module Type": "Hardware", "Validation Date": "02/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2569.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2569", "detail_available": true, "module_name": "CM1+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The CM1+ is a 256-bit AES hardware encryption engine for protection of data at rest. The unit operates on the SATA protocol independent of the storage device, which allows encryption of disk drives of various storage capacities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2568", "Certificate Number": "2568", "Vendor Name": "Security First Corp.", "Module Name": "SecureParser®", "Module Type": "Software", "Validation Date": "02/22/201610/03/201612/23/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2568.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2568", "detail_available": true, "module_name": "SecureParser®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The SecureParser® is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2567", "Certificate Number": "2567", "Vendor Name": "IBM Security", "Module Name": "IBM Security XGS 3100, XGS 4100, XGS 5100, and XGS 7100", "Module Type": "Hardware", "Validation Date": "02/19/201612/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2567.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2567", "detail_available": true, "module_name": "IBM Security XGS 3100, XGS 4100, XGS 5100, and XGS 7100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Network Intrusion Prevention System (IPS) automatically blocks malicious attacks while preserving network bandwidth and availability. The appliances are purpose-built, Layer 2 network security appliances that you can deploy either at the gateway or the network to block intrusion attempts, denial of service (DoS) attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list of threats without requiring extensive network reconfiguration. The XGS 3100, XGS 4100, XGS 5100, and XGS 7100 can be securely managed via SiteProtector, which is a central management console" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2566", "Certificate Number": "2566", "Vendor Name": "Skyhigh Networks", "Module Name": "Java Crypto Module", "Module Type": "Software", "Validation Date": "02/18/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2566.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2566", "detail_available": true, "module_name": "Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Java Crypto Module provides cryptographic functions for Skyhigh Networks cloud visibility and enablement products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2565", "Certificate Number": "2565", "Vendor Name": "Hiddn Security AS", "Module Name": "coCrypt CM1+", "Module Type": "Hardware", "Validation Date": "02/18/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2565.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2565", "detail_available": true, "module_name": "coCrypt CM1+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The coCrypt CM1+ is a 256-bit AES hardware encryption engine which encrypts data either to a replacable microSD storage card or an USB flash drive. The unit allows the user to expand the storage capacity whenever needed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2564", "Certificate Number": "2564", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.6 NSS Module", "Module Type": "Software", "Validation Date": "02/17/201608/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2564.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2564", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.6 NSS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2563", "Certificate Number": "2563", "Vendor Name": "IBM Security", "Module Name": "IBM Security SiteProtector System Cryptographic Module", "Module Type": "Software", "Validation Date": "02/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2563.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2563", "detail_available": true, "module_name": "IBM Security SiteProtector System Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SiteProtector is a centralized management system that unifies management and analysis for network, server, and desktop protection agents and small networks or appliances. The SiteProtector is used as the central controlling point for IBM ISS appliances deployed on the network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2562", "Certificate Number": "2562", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "02/17/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2562.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2562", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN6000 Series is a high-speed hardware encryption platform that secures data over optical and twisted-pair Ethernet and Fibre Channel networks. Models validated are the CN6100 10G Ethernet operating at a line rate of 10Gb/s and the CN6040, Ethernet and FC selectable model operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is available on the CN6040 for applications that also demand authentication. Additionally TRANSEC (also known as Traffic Flow Security or TFS) transmission security capability can be used to remove patterns from" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2561", "Certificate Number": "2561", "Vendor Name": "Medtronic Care Management Services, LLC", "Module Name": "CC FM TLS/SRTP", "Module Type": "Software", "Validation Date": "02/16/201603/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2561.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2561", "detail_available": true, "module_name": "CC FM TLS/SRTP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "CC FM TLS/SRTP facilitates secure communication for the TLS and SRTP protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2560", "Certificate Number": "2560", "Vendor Name": "Unisys Corporation", "Module Name": "Unisys Linux Kernel Cryptographic API Module", "Module Type": "Software", "Validation Date": "02/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2560.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2560", "detail_available": true, "module_name": "Unisys Linux Kernel Cryptographic API Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 11", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Unisys Linux Kernel Cryptographic API Module is a software-only cryptographic module that comprises a set of Linux kernel modules. It provides general purpose cryptographic services to the remainder of the Linux kernel.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2559", "Certificate Number": "2559", "Vendor Name": "VMware, Inc.", "Module Name": "VMware Horizon JCE (Java Cryptographic Extension) Module", "Module Type": "Software", "Validation Date": "02/12/201605/18/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2559.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2559", "detail_available": true, "module_name": "VMware Horizon JCE (Java Cryptographic Extension) Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VMware Horizon JCE (Java Cryptographic Extension) Module is a versatile software library that implements FIPS-140-2 approved cryptographic services for VMware products and platforms.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2558", "Certificate Number": "2558", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 P", "Module Type": "Hardware", "Validation Date": "02/11/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2558.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2558", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2557", "Certificate Number": "2557", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN Series Ethernet Encryptors", "Module Type": "Hardware", "Validation Date": "02/11/201604/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2557.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2557", "detail_available": true, "module_name": "CN Series Ethernet Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN4010 and CN6010 are high-speed hardware encryption modules that secure data over twisted-pair Ethernet and optical networks. The modules support data rates to 1Gb/s and 100Mb/s and 10Mb/s modes. The CN6010 is additionally equipped with pluggable SFPs to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CFB and CTR algorithms as well as GCM for applications that demand authentication. Additional transmission security is provided via TRANSEC capability which can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2556", "Certificate Number": "2556", "Vendor Name": "Infineon Technologies AG", "Module Name": "Trusted Platform Module 1.2 SLB 9660/SLB 9665/SLB 9670", "Module Type": "Hardware", "Validation Date": "02/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2556.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2556", "detail_available": true, "module_name": "Trusted Platform Module 1.2 SLB 9660/SLB 9665/SLB 9670", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode as specified in Security Policy Sections 1.1 and 8.1", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The TPM is a single chip module that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality in e-commerce and internet communications within a Trusted Computing Platform. The TPM is a complete solution implementing the TCG specifications Version 1.2, Revision 116, 1 March 2011. See www.trustedcomputinggroup.org for further information on TCG and TPM.", "algorithms": [ "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2555", "Certificate Number": "2555", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "Module Type": "Hardware", "Validation Date": "02/09/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2555.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2555", "detail_available": true, "module_name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2554", "Certificate Number": "2554", "Vendor Name": "IBM® Corporation", "Module Name": "IBM(R) Security QRadar(R) Cryptographic Security Kernel", "Module Type": "Software", "Validation Date": "02/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2554.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2554", "detail_available": true, "module_name": "IBM(R) Security QRadar(R) Cryptographic Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The IBM(R) Security QRadar(R) Cryptographic Security Kernel is multi-algorithm library providing general-purpose cryptographic services. The purpose of the module is to provide a single API for cryptographic functionality that can provide centralized control over FIPS-Approved mode status, provide availability of only FIPS-Approved algorithms or vendor-affirmed implementations of non FIPS-Approved algorithms, and provide for centralized logging and reporting of the cryptographic engine.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2553", "Certificate Number": "2553", "Vendor Name": "ZOLL Medical Corporation", "Module Name": "R Series Data Comm II", "Module Type": "Hardware", "Validation Date": "02/02/201601/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2553.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2553", "detail_available": true, "module_name": "R Series Data Comm II", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #1747 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The ZOLL R Series Data Comm II module allows data to be wirelessly transmitted." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2552", "Certificate Number": "2552", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Astro Subscriber uMACE - Level 3", "Module Type": "Hardware", "Validation Date": "02/02/201601/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2552.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2552", "detail_available": true, "module_name": "Motorola Solutions Astro Subscriber uMACE - Level 3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The uMACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2551", "Certificate Number": "2551", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "02/04/201601/04/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2551.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2551", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2550", "Certificate Number": "2550", "Vendor Name": "Intel Corporation", "Module Name": "McAfee Linux Cryptographic Module", "Module Type": "Software", "Validation Date": "01/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2550.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2550", "detail_available": true, "module_name": "McAfee Linux Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as indicated in the Security Policy in Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The McAfee Linux Cryptographic Module provides cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2549", "Certificate Number": "2549", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "01/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2549.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2549", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module v2.0 validated to FIPS 140-2 under Cert. #2435 operating in FIPS mode and with module SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module version 1.0 validated to FIPS 140-2 under Cert. #2484 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Kernel Crypto API module provides cryptographic services to the Linux operating system kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2548", "Certificate Number": "2548", "Vendor Name": "Redpine Signals, Inc.", "Module Name": "RS9113", "Module Type": "Hardware", "Validation Date": "01/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2548.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2548", "detail_available": true, "module_name": "RS9113", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 5.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The RS9113 modules' family is based on Redpine Signals' RS9113 ultra-low-power Convergence SoC. These modules offer dual-band 1x1 802.11n, dual-mode Bluetooth 4.0 and Zigbee 802.15.4 in a single device. They are high performance, long range and ultra-low power modules. The modules provide guaranteed availability of connectivity at all locations within the defined zones, availability at all times, devices' mobility, security of data collection and transmission to backend database, low power for battery operated devices and bandwidth needs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2547", "Certificate Number": "2547", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Solutions Astro Subscriber uMACE - Level 2", "Module Type": "Hardware", "Validation Date": "01/28/201601/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2547.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2547", "detail_available": true, "module_name": "Motorola Solutions Astro Subscriber uMACE - Level 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The uMACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2546", "Certificate Number": "2546", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN1000/CN3000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "01/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2546.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2546", "detail_available": true, "module_name": "CN1000/CN3000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The CN1000/CN3000 Series is a high-speed hardware encryption platform designed to secure data transmitted over Ethernet networks. The CN1000 Series supports line rates of 10/100/1000 Mbps while the CN3000 extends the CN Series line rate capability to 10Gbps. SafeNet, Inc. makes Senetas products available globally under a master distribution agreement and are co-branded as such." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2545", "Certificate Number": "2545", "Vendor Name": "HID Global and Oberthur Technologies", "Module Name": "HID Global ActivID Applet Suite v2.7.4 on Oberthur Technologies Cosmo V8", "Module Type": "Hardware", "Validation Date": "01/26/201608/11/201708/17/201711/02/201704/24/201811/23/201804/13/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2545.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2545", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.7.4 on Oberthur Technologies Cosmo V8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated and configured in FIPS mode as specified in Section 10 of the Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "HID Global ActivID Applet v2.7.4 is a Java Card applet suite that uses the Oberthur Technologies Cosmo v8 operating system. The product can be used over contact and contactless interface and can be configured for support of GSC-IS v2.1 and PIV standards (NIST SP 800-73-4 and SP 800-78-4).", "algorithms": [ "DES", "DRBG", "KAS", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2544", "Certificate Number": "2544", "Vendor Name": "HID Global and Giesecke+Devrient Mobile Security America Inc.", "Module Name": "HID Global ActivID Applet Suite v2.7.5 and v2.7.6 on Giesecke & Devrient Sm@rtCafé Expert 7.0", "Module Type": "Hardware", "Validation Date": "01/26/201607/03/201707/14/201703/09/201811/30/201801/12/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2544.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2544", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.7.5 and v2.7.6 on Giesecke & Devrient Sm@rtCafé Expert 7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with module Sm@rtCafé Expert 7.0 validated to FIPS 140-2 under Cert. #2327 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single Chip", "description": "HID Global ActivID Applet v2.7.5 and v2.7.6 are Java Card applet suites that use the Sm@rtCafé Expert 7.0 operating system. The products can be used over contact and contactless interface and can be configured for support of GSC-IS v2.1 and PIV standards (NIST SP 800-73-4 and SP 800-78-4).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2543", "Certificate Number": "2543", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiClient 5.0 VPN Client", "Module Type": "Software", "Validation Date": "01/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2543.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2543", "detail_available": true, "module_name": "FortiClient 5.0 VPN Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiClient VPN client provides a FIPS 140-2 validated, IPSec and SSL VPN client for Windows platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2542", "Certificate Number": "2542", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiClient 5.0 VPN Client", "Module Type": "Software", "Validation Date": "01/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2542.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2542", "detail_available": true, "module_name": "FortiClient 5.0 VPN Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiClient VPN client provides a FIPS 140-2 validated, IPSec and SSL VPN client for Windows platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2541", "Certificate Number": "2541", "Vendor Name": "Relocation Management Worldwide", "Module Name": "VERN (TM) RMW Crypto Library", "Module Type": "Software", "Validation Date": "01/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2541.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2541", "detail_available": true, "module_name": "VERN (TM) RMW Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The VERN RMW Crypto Library version 1.2 is a software cryptographic library that provides cryptographic services to the overall VERN Web application. The software contains implementations of approved cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2540", "Certificate Number": "2540", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail-1000D and FortiMail-3000D", "Module Type": "Hardware", "Validation Date": "01/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2540.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2540", "detail_available": true, "module_name": "FortiMail-1000D and FortiMail-3000D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiMail family of email security appliances provide an effective barrier against the ever-rising volume of sophisticated spam and malware and includes features designed to facilitate regulatory compliance. FortiMail 5.2 offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, malware emulation both locally and via integration with FortiSandbox, data leak prevention, identity based encryption and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2539", "Certificate Number": "2539", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail 5.2", "Module Type": "Firmware", "Validation Date": "01/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2539.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2539", "detail_available": true, "module_name": "FortiMail 5.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiMail family of email security appliances provide an effective barrier against the ever-rising volume of sophisticated spam and malware and includes features designed to facilitate regulatory compliance. FortiMail 5.2 offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, malware emulation both locally and via integration with FortiSandbox, data leak prevention, identity based encryption and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2538", "Certificate Number": "2538", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade(R) 7840 Extension Switch", "Module Type": "Hardware", "Validation Date": "01/19/201607/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2538.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2538", "detail_available": true, "module_name": "Brocade(R) 7840 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade 7840 Extension Switch provides fast, reliable WN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2537", "Certificate Number": "2537", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2537.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2537", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2536", "Certificate Number": "2536", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/15/201604/11/201705/22/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2536.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2536", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2535", "Certificate Number": "2535", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2535.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2535", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2534", "Certificate Number": "2534", "Vendor Name": "Kodiak Networks, Inc.", "Module Name": "Push To Talk Client Crypto Module", "Module Type": "Software", "Validation Date": "01/14/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2534.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2534", "detail_available": true, "module_name": "Push To Talk Client Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Embedded", "description": "Kodiak Push-to-Talk is a carrier-integrated Broadband Push-to-Talk service platform. It sets a new standard for instant communications by providing PTT service over 4G LTE, 4G HSPA+, Wi-Fi, and 3G.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2533", "Certificate Number": "2533", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade(R) MLXe(R) NetIron(R) Ethernet Routers", "Module Type": "Hardware", "Validation Date": "01/12/201605/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2533.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2533", "detail_available": true, "module_name": "Brocade(R) MLXe(R) NetIron(R) Ethernet Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed as specified in Annex A and configured as specified in Tables 8, 12 and 16 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Brocade MLXe Series routers feature industry-leading 100 Gigabit Ethernet (GbE), 10 GbE, and 1 GbE wire-speed density; rich IPv4, IPv6, Multi-VRF, MPLS, and Carrier Ethernet capabilities without compromising performance; and advanced Layer 2 switching. This release introduces a new interface card BR-MLX-10GX4-IPSEC-M, which has built-in capability to negotiate IKEv2 sessions and establish IPSec tunnels to allow Virtual Private Networks to be created within the network. In addition, BR-MLX-10GX4-IPSEC-M has PHY level support for MACSec protocol.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2532", "Certificate Number": "2532", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/13/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2532.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2532", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2531", "Certificate Number": "2531", "Vendor Name": "Intel Corporation", "Module Name": "McAfee Web Gateway WG5000 and WG5500 Appliances", "Module Type": "Hardware", "Validation Date": "01/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2531.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2531", "detail_available": true, "module_name": "McAfee Web Gateway WG5000 and WG5500 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The McAfee Web Gateway is a high-performance, enterprise-strength proxy security appliance family that provides the caching, authentication, administration, authorization controls and deep-level content security filtering required by today's most demanding enterprises. McAfee Web Gateway WG5000 and WG5500 Appliances deliver scalable deployment flexibility and performance. McAfee Web Gateway WG5000 and WG5500 Appliances deliver comprehensive security for all aspects of Web 2.0 traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2530", "Certificate Number": "2530", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade(R) FCX 624/648, ICX (TM) 6610, ICX 6450, ICX 7750, ICX 7450 and SX 800/1600 Series", "Module Type": "Hardware", "Validation Date": "01/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2530.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2530", "detail_available": true, "module_name": "Brocade(R) FCX 624/648, ICX (TM) 6610, ICX 6450, ICX 7750, ICX 7450 and SX 800/1600 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed and with the configurations in Tables 4, 7, 12 and 13 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FastIron SX series chassis devices are modular switches that provide the enterprise network with a complete end-to-end Enterprise LAN solution. The ICX 6610 series is an access layer Gigabit Ethernet switch designed from the ground up for the enterprise data center environment. Brocade ICX 6450 switches provide enterprise-class stackable LAN switching solutions to meet the growing demands of campus networks, and the Brocade ICX 7750 is a 10/40 GbE Ethernet switch. The Brocade ICX 7450 Switch delivers the performance, flexibility, and scalability required for enterprise Gigabit Ethernet (", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2529", "Certificate Number": "2529", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer-200D", "Module Type": "Hardware", "Validation Date": "01/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2529.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2529", "detail_available": true, "module_name": "FortiAnalyzer-200D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2528", "Certificate Number": "2528", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer-3000D", "Module Type": "Hardware", "Validation Date": "01/10/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2528.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2528", "detail_available": true, "module_name": "FortiAnalyzer-3000D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2527", "Certificate Number": "2527", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal mRevenector US 2014", "Module Type": "Hardware", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2527.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2527", "detail_available": true, "module_name": "Postal mRevenector US 2014", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Francotyp-Postalia (FP) is one of the leading global suppliers of mail center solutions. A major component of the business of FP is the development, manufacture and support of postal franking machines (postage meters). These postal franking machines incorporate a postal security device (PSD) that performs all postage meter cryptographic and postal security functions and which protects both Critical Security Parameters (CSPs) and Postal Relevant Data Items (PRDIs) from unauthorized access. The Postal mRevenector US 2014 is FP’s latest generation of PSD. The cryptographic module neither relie" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2526", "Certificate Number": "2526", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer 5.2", "Module Type": "Firmware", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2526.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2526", "detail_available": true, "module_name": "FortiAnalyzer 5.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2525", "Certificate Number": "2525", "Vendor Name": "CounterTack, Inc.", "Module Name": "CounterTack Sentinel Endpoint Module", "Module Type": "Software", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2525.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2525", "detail_available": true, "module_name": "CounterTack Sentinel Endpoint Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Sentinel Endpoint Module installs on target servers and workstations to provide cryptographic functionality for real-time threat detection and response capabilities. Deployed as part of CounterTack's Sentinel platform, the sensor communicates behavioral data to a central cluster, which provides real-time analysis, correlation with external threat intelligence and rapid-response containment that scales even the largest enterprises.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2524", "Certificate Number": "2524", "Vendor Name": "HyTrust, Inc.", "Module Name": "HyTrust KeyControl (TM) Cryptographic Module", "Module Type": "Software", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2524.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2524", "detail_available": true, "module_name": "HyTrust KeyControl (TM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "HyTrust KeyControl is a key management system that is available in three different formats (ISO, OVA and AMI) and can be run on physical x86 based hardware as a virtual machine and on one of a number of different hypervisor platforms or as a combination of both when running in clustered mode.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2523", "Certificate Number": "2523", "Vendor Name": "Intel Corporation", "Module Name": "McAfee Web Gateway WBG-5000-C and WBG-5500-C Appliances", "Module Type": "Hardware", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2523.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2523", "detail_available": true, "module_name": "McAfee Web Gateway WBG-5000-C and WBG-5500-C Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The McAfee Web Gateway is a high-performance, enterprise-strength proxy security appliance family that provides the caching, authentication, administration, authorization controls and deep-level content security filtering required by today's most demanding enterprises. McAfee Web Gateway WBG-5000-C and WBG-5500-C Appliances deliver scalable deployment flexibility and performance. McAfee Web Gateway WBG-5000-C and WBG-5500-C Appliances deliver comprehensive security for all aspects of Web 2.0 traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2522", "Certificate Number": "2522", "Vendor Name": "Intel Corporation", "Module Name": "McAfee Web Gateway Virtual Appliance", "Module Type": "Software", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2522.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2522", "detail_available": true, "module_name": "McAfee Web Gateway Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The McAfee Web Gateway is a high-performance, enterprise-strength proxy security appliance family that provides the caching, authentication, administration, authorization controls and deep-level content security filtering required by today's most demanding enterprises. The McAfee Web Gateway Virtual Appliance delivers scalable deployment flexibility and performance. The McAfee Web Gateway Virtual Appliance delivers comprehensive security for all aspects of Web 2.0 traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2521", "Certificate Number": "2521", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type A", "Module Type": "Hardware", "Validation Date": "01/05/201602/12/201605/03/201610/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2521.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2521", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type A", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2520", "Certificate Number": "2520", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type B", "Module Type": "Hardware", "Validation Date": "01/05/201602/25/201605/03/201609/12/201709/22/201710/02/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2520.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2520", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX04S model) Type B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2519", "Certificate Number": "2519", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HP FlexFabric 5900CP and 12910 Switch Series", "Module Type": "Hardware", "Validation Date": "01/05/201601/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2519.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2519", "detail_available": true, "module_name": "HP FlexFabric 5900CP and 12910 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with opacity shield and tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HP FlexFabric 5900CP Switch Series provides a converged, top-of-rack, data center switch architecture that offers wire once for FCoE converged environments. With 48 converged ports that support 1/10GbE and 4/8 FC, the FlexFabric 5900CP delivers versatile convergence for connecting FC, iSCSI and FC SANs. The HP FlexFabric 12910 Switch is a next-generation modular data center core switch designed to support virtualized data centers and the evolving needs of private and public cloud deployments. The FlexFabric 12910 switch delivers unprecedented levels of performance, buffering, scale, and av" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2518", "Certificate Number": "2518", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiManager-4000D", "Module Type": "Hardware", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2518.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2518", "detail_available": true, "module_name": "FortiManager-4000D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiManager OS is a firmware operating system that runs exclusively on Fortinet's FortiManager product family. FortiManager units are PC-based, purpose built appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2517", "Certificate Number": "2517", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiManager-1000D", "Module Type": "Hardware", "Validation Date": "01/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2517.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2517", "detail_available": true, "module_name": "FortiManager-1000D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "FortiManager Network Security Management Appliances were designed to provide security management for large enterprise organizations and service providers. They enable you to centrally manage any number of Fortinet devices, including FortiManager, FortiWiFi, and FortiCarrier™. FortiManager provides the high performance and scalability you need to efficiently apply policies and distribute content security/firmware updates, regardless of the size of your network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2516", "Certificate Number": "2516", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade VDX 6740, VDX 6740T and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "12/29/201501/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2516.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2516", "detail_available": true, "module_name": "Brocade VDX 6740, VDX 6740T and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade VDX 8770 Switch is designed to scale out Brocade VCS fabrics and support complex environments with dense virtualization and dynamic automation requirements. The Brocade VDX 6740 and VDX 6740T are a next generation fixed form factor VCS enabled 10 Gb/40 Gb Ethernet fabric switch for ToR fabric deployments.", "algorithms": [ "AES", "CVL", "DES", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2515", "Certificate Number": "2515", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiManager 5.2", "Module Type": "Firmware", "Validation Date": "12/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2515.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2515", "detail_available": true, "module_name": "FortiManager 5.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-Chip Stand Alone", "description": "The FortiManager OS is a firmware operating system that runs exclusively on Fortinet's FortiManager product family. FortiManager units are PC-based, purpose built appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2514", "Certificate Number": "2514", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba AP-204 and AP-205 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "12/24/201501/15/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2514.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2514", "detail_available": true, "module_name": "Aruba AP-204 and AP-205 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, the AP 204 & 205 support encrypted management and WPA2 tunneled pass through to Aruba Mobility Controllers. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2513", "Certificate Number": "2513", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade(R) DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch, 7800 and 7840 Extension Switch", "Module Type": "Hardware", "Validation Date": "12/24/201504/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2513.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2513", "detail_available": true, "module_name": "Brocade(R) DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch, 7800 and 7840 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 and 6520 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WAN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2512", "Certificate Number": "2512", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie F-IMB 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "12/24/201506/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2512.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2512", "detail_available": true, "module_name": "Christie F-IMB 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Christie F-IMB is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a Christie digital cinema projector with the Fusion architecture. The F-IMB permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2511", "Certificate Number": "2511", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Integrated Services Router (ISR) 4351 and 4331 (with SM-ES3X-16-P, SM-ES3X-24-P, SM-D-ES3X-48-P, PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256) and Cisco Integrated Services Router (ISR) 4321 (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "Module Type": "Hardware", "Validation Date": "12/24/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2511.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2511", "detail_available": true, "module_name": "Cisco Integrated Services Router (ISR) 4351 and 4331 (with SM-ES3X-16-P, SM-ES3X-24-P, SM-D-ES3X-48-P, PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256) and Cisco Integrated Services Router (ISR) 4321 (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Integrated Services Router (ISR) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2510", "Certificate Number": "2510", "Vendor Name": "Athena SCS, Inc.", "Module Name": "iEngine SSID Applet on Athena SCS IDProtect Duo for SLE78", "Module Type": "Hardware", "Validation Date": "12/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2510.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2510", "detail_available": true, "module_name": "iEngine SSID Applet on Athena SCS IDProtect Duo for SLE78", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smartcard operating system with 404KB of Flash. IDProtect is compliant with the latest Java Card 3.0.4 and Global Platform 2.2.1 specifications. IDProtect supports FIPS approved DRBG, SHA-2, AES, ECDSA and ECC key generation. The SSID Java Card applet of iEngine is an applet supporting the latest version of the SSID standard for high-performance government application.", "algorithms": [ "AES", "DRBG", "ECDSA", "KDF", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2509", "Certificate Number": "2509", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HPE HLR Cryptographic Module", "Module Type": "Software", "Validation Date": "12/22/201512/09/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2509.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2509", "detail_available": true, "module_name": "HPE HLR Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The HP OpenCall HLR Cryptographic Module provides cryptographic services that allows the HP OpenCall HLR to protect sensitive application and subscriber data at rest and during transit" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2508", "Certificate Number": "2508", "Vendor Name": "Toshiba Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive (AL14SEQ model)", "Module Type": "Hardware", "Validation Date": "12/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2508.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2508", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive (AL14SEQ model)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive is used for hard disk drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2507", "Certificate Number": "2507", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Flash Memory Protector V1.0", "Module Type": "Software-Hybrid", "Validation Date": "12/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2507.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2507", "detail_available": true, "module_name": "Samsung Flash Memory Protector V1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "The driver for the on-the-fly Hardware encryption module to flash memory for Disk/File Encryption solution. The Harware module supports AES with CBC mode and XTS-AES cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2506", "Certificate Number": "2506", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HP P-Class Smart Array Gen9 RAID Controllers", "Module Type": "Hardware", "Validation Date": "12/21/201506/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2506.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2506", "detail_available": true, "module_name": "HP P-Class Smart Array Gen9 RAID Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The HP P-Class Smart Array RAID Controllers make up a family of serial-attached SCSI host bus adapters that provide intelligent control for storage array. The controllers can be card-based or embedded within an HP server, and provide a high speed data path, on-board storage cache, remote management, and encryption of data at rest, for the controlled storage arrays.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2505", "Certificate Number": "2505", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "12/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2505.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2505", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 4.2 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2504", "Certificate Number": "2504", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "12/18/201501/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2504.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2504", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2502", "Certificate Number": "2502", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Cryptographic Java Module", "Module Type": "Software", "Validation Date": "12/18/201501/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2502.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2502", "detail_available": true, "module_name": "BlackBerry Cryptographic Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Java Module is a software module that provides cryptographic services to BlackBerryproducts such as the BlackBerry PlayBook Administration Service, and other BlackBerry products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2501", "Certificate Number": "2501", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HP BladeSystem c-Class Virtual Connect Module", "Module Type": "Firmware", "Validation Date": "12/18/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2501.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2501", "detail_available": true, "module_name": "HP BladeSystem c-Class Virtual Connect Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Firmware", "embodiment": "Multi-Chip Embedded", "description": "Virtual Connect implements server edge virtualization between the server and data center infrastructure allowing networks to communicate with individual servers or pools of HP BladeSystem server blades. Virtual Connect simplifies the setup and administration of server LAN and SAN connections.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KAS", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2500", "Certificate Number": "2500", "Vendor Name": "SafeNet Assured Technologies, LLC", "Module Name": "Luna® G5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/18/201511/20/201703/27/201805/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2500.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2500", "detail_available": true, "module_name": "Luna® G5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "\"Luna® G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2499", "Certificate Number": "2499", "Vendor Name": "", "Module Name": "", "Module Type": "Software", "Validation Date": "12/18/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2499.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2499", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Software", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2498", "Certificate Number": "2498", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba AP-214, AP-215, AP-274, AP-275, AP-277 and AP-228 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "12/17/201501/15/201607/06/201610/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2498.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2498", "detail_available": true, "module_name": "Aruba AP-214, AP-215, AP-274, AP-275, AP-277 and AP-228 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2497", "Certificate Number": "2497", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 2504, 7500, 8510 Wireless LAN Controllers and Cisco Catalyst 6807-XL Switch with Wireless Services Module-2 (WiSM2)", "Module Type": "Hardware", "Validation Date": "12/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2497.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2497", "detail_available": true, "module_name": "Cisco Systems 2504, 7500, 8510 Wireless LAN Controllers and Cisco Catalyst 6807-XL Switch with Wireless Services Module-2 (WiSM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Flex 7500 and the 8500 Series Controllers are highly scalable branch controllers for enterprise, service provider and multisite wireless deployments. The Cisco 2500 Series Wireless Controller are used in small to medium-sized enterprises and branch offices. The Cisco Wireless Service Module-2 (WiSM2) Controller for Cisco Catalyst 6800 Series Switches, is a highly scalable and flexible platform that enables systemwide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2496", "Certificate Number": "2496", "Vendor Name": "Dell, Inc.", "Module Name": "Dell OpenSSL Cryptographic Library", "Module Type": "Software", "Validation Date": "12/16/201508/22/201601/30/201708/31/201710/05/201802/19/201906/19/201901/24/202004/20/202005/19/202005/18/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2496.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2496", "detail_available": true, "module_name": "Dell OpenSSL Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Dell OpenSSL Cryptographic Library v2.3 and v2.4 is used within various Dell EMC Networking products, including the S and Z-Series. Dell EMC Networking S and Z-Series are high performance 10/40GbE ToR and Core Fabric switching products designed for highly virtualized Data Centers. These switches are built on top of Dell’s Data Center hardened OS, Dell EMC Networking OS.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2495", "Certificate Number": "2495", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "NITROXIII CNN35XX-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "12/15/201502/23/201606/03/201608/19/201609/15/201711/09/201711/17/201712/11/201704/02/201909/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2495.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2495", "detail_available": true, "module_name": "NITROXIII CNN35XX-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2494", "Certificate Number": "2494", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye NX Series: NX-900, NX-1400, NX-2400, NX-4400, NX-4420, NX-7400, NX-7420, NX-7500, NX-10000, NX-9450, NX-10450", "Module Type": "Hardware", "Validation Date": "12/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2494.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2494", "detail_available": true, "module_name": "FireEye NX Series: NX-900, NX-1400, NX-2400, NX-4400, NX-4420, NX-7400, NX-7420, NX-7500, NX-10000, NX-9450, NX-10450", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2493", "Certificate Number": "2493", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye FX Series: FX-5400, FX-8400", "Module Type": "Hardware", "Validation Date": "12/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2493.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2493", "detail_available": true, "module_name": "FireEye FX Series: FX-5400, FX-8400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye FX series is a group of threat prevention platforms that protect content against attacks originating in a wide range of file types. Web mail, online file transfer tools, the cloud, and portable file storage devices can introduce malware that can spread to file shares and content repositories. The FireEye FX platform analyzes network file shares and enterprise content management stores to detect and quarantine malware brought in by employees and others that bypass next-generation firewalls, IPS, AV, and gateways.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2492", "Certificate Number": "2492", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye EX Series: EX-3400, EX-5400, EX-8400, EX-8420", "Module Type": "Hardware", "Validation Date": "12/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2492.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2492", "detail_available": true, "module_name": "FireEye EX Series: EX-3400, EX-5400, EX-8400, EX-8420", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye EX series secures against advanced email attacks. As part of the FireEye Threat Prevention Platform, the FireEye EX uses signature-less technology to analyze every email attachment and successfully quarantine spear-phishing emails used in advanced targeted attacks.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2491", "Certificate Number": "2491", "Vendor Name": "FireEye, Inc.", "Module Name": "FireEye CM Series: CM-4400, CM-7400, CM-9400", "Module Type": "Hardware", "Validation Date": "12/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2491.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2491", "detail_available": true, "module_name": "FireEye CM Series: CM-4400, CM-7400, CM-9400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, FX and AX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-generated threat intelligence to identify and block advanced attacks targeting the organization. It also enables centralized configuration, management, and reporting of FireEye platforms.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2490", "Certificate Number": "2490", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509, 6509-E Switches with Wireless Services Module-2 (WiSM2)", "Module Type": "Hardware", "Validation Date": "12/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2490.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2490", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509, 6509-E Switches with Wireless Services Module-2 (WiSM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Cisco Wireless Service Module 2 (WiSM2) Controller for Cisco Catalyst 6500 Series Switches, is a highly scalable and flexible platform that enables systemwide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2489", "Certificate Number": "2489", "Vendor Name": "SafeNet Assured Technologies, LLC", "Module Name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "Module Type": "Hardware", "Validation Date": "12/15/201511/20/201703/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2489.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2489", "detail_available": true, "module_name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "\"The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.\"", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2488", "Certificate Number": "2488", "Vendor Name": "SafeNet Assured Technologies, LLC", "Module Name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "Module Type": "Hardware", "Validation Date": "12/15/201511/20/201703/27/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2488.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2488", "detail_available": true, "module_name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "\"The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.\"", "algorithms": [ "DES", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2487", "Certificate Number": "2487", "Vendor Name": "SafeNet Assured Technologies, LLC", "Module Name": "Luna® G5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/15/201511/20/201703/27/201805/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2487.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2487", "detail_available": true, "module_name": "Luna® G5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Luna® G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "DES", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2486", "Certificate Number": "2486", "Vendor Name": "SafeNet Assured Technologies, LLC", "Module Name": "Luna® Backup HSM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/15/201511/20/201703/27/201805/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2486.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2486", "detail_available": true, "module_name": "Luna® Backup HSM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Luna® Backup HSM Hardware Security Module (HSM) provides the same level of security as the Luna® SA and Luna® PCI-E HSMs in a convenient, small, low-cost form factor. The Luna Backup HSM ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the Luna Backup HSM for safekeeping in case of emergency, failure or disaster.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2485", "Certificate Number": "2485", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiKey PKI Token", "Module Type": "Hardware", "Validation Date": "12/14/201501/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2485.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2485", "detail_available": true, "module_name": "HiKey PKI Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "With tamper evident seals and security devices installed as indicated in the Security Policy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The HiKey token modules are multi-chip standalone implementations of a cryptographic module. The Hikey token modules are USB tokens that adhere to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2484", "Certificate Number": "2484", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module", "Module Type": "Software", "Validation Date": "12/14/201503/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2484.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2484", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module validated to FIPS 140-2 under Cert. #2435 [1] or with SUSE Linux Enterprise Server OpenSSL Module validated to FIPS 140-2 under Cert. #3038 [2] operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE StrongSwan is a complete Ipsec implementation for Linux kernel." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2483", "Certificate Number": "2483", "Vendor Name": "SafeLogic Inc.", "Module Name": "CryptoComply for Java", "Module Type": "Software", "Validation Date": "12/11/201501/25/201603/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2483.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2483", "detail_available": true, "module_name": "CryptoComply for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SafeLogic's CryptoComply for Java is designed to provide FIPS 140-2 validated cryptographic functionality and is available for licensing.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2482", "Certificate Number": "2482", "Vendor Name": "Draeger Medical Systems Inc.", "Module Name": "DRAEGER WCM9113 802.11ABGN VG2", "Module Type": "Hardware", "Validation Date": "12/07/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2482.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2482", "detail_available": true, "module_name": "DRAEGER WCM9113 802.11ABGN VG2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 5.2 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The DRAEGER WCM9113 802.11ABGN VG2 is a dual band 802.11n Wireless Communications Module used in a variety of Draeger products for wireless communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2481", "Certificate Number": "2481", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/02/201501/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2481.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2481", "detail_available": true, "module_name": "Luna® PCI-e Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "This validation entry is a non-security relevant modification to Cert. #1694", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2480", "Certificate Number": "2480", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/02/201501/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2480.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2480", "detail_available": true, "module_name": "Luna® PCI-e Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "This validation entry is a non-security relevant modification to Cert. #1693.", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2479", "Certificate Number": "2479", "Vendor Name": "Dell EMC", "Module Name": "VMAX 6 Gb/s SAS I/O Module with Encryption from EMC", "Module Type": "Hardware", "Validation Date": "12/01/201512/02/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2479.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2479", "detail_available": true, "module_name": "VMAX 6 Gb/s SAS I/O Module with Encryption from EMC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Dell EMC Data at Rest Encryption provides hardware-based, on-array, back-end encryption for Dell EMC storage systems, including the Symmetrix VMAX. Data at Rest Encryption protects information from unauthorized access when drives are physically removed from the system and also offers a convenient means of decommissioning all drives in the system at once. Dell EMC 6Gb/s SAS I/O modules implement AES-XTS 256-bit encryption on all drives in the system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2478", "Certificate Number": "2478", "Vendor Name": "KONA I Co., Ltd.", "Module Name": "KONA N41M0", "Module Type": "Hardware", "Validation Date": "11/25/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2478.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2478", "detail_available": true, "module_name": "KONA N41M0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The KONA N41M0 smart card can be employed in solutions which provide secure PKI (public key infrastructure) and digital signature technology. KONA N41M0 serves as highly portable physical forms which enhances the security of network access and ensures secure electronic communications. KONA N41M0 supports on-card Triple DES, AES, ECC and 2048-bit RSA algorithms with on-card key generation. The KONA N41M0 smart card is Java-based smart cards for physical and logical access, e-transactions and other applications, which is compliant to Java Card v3.0.4 and GlobalPlatform 2.2.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2477", "Certificate Number": "2477", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "IMS-SM", "Module Type": "Hardware", "Validation Date": "11/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2477.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2477", "detail_available": true, "module_name": "IMS-SM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS Mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The IMS-SM is the Security Manager module present in the Dolby Laboratories, Inc. IMS1000 (for hardware models IMS-SM-C1, IMS-SM-C2, IMS-SM-E1 and IMS-SM-E2) or IMS2000 (for hardware models IMS2-SM-C1, IMS2-SM-C2, IMS2-SM-C3) that can be hosted inside D-Cinema DLP projectors. It supports highest JPEG-2000 decoding capabilities and accepts alternative content as well." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2476", "Certificate Number": "2476", "Vendor Name": "KONA I Co., Ltd.", "Module Name": "KONA N41M0", "Module Type": "Hardware", "Validation Date": "11/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2476.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2476", "detail_available": true, "module_name": "KONA N41M0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The KONA N41M0 smart card can be employed in solutions which provide secure PKI (public key infrastructure) and digital signature technology. KONA N41M0 serves as highly portable physical forms which enhances the security of network access and ensures secure electronic communications. KONA N41M0 supports on-card Triple DES, AES, ECC and 2048-bit RSA algorithms with on-card key generation. The KONA N41M0 smart card is Java-based smart cards for physical and logical access, e-transactions and other applications, which is compliant to Java Card v3.0.4 and GlobalPlatform 2.2.", "algorithms": [ "AES", "DES", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2475", "Certificate Number": "2475", "Vendor Name": "Red Cocoa II L.L.C.", "Module Name": "C-ACE", "Module Type": "Hardware", "Validation Date": "11/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2475.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2475", "detail_available": true, "module_name": "C-ACE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The C-ACE module is a single-chip cryptographic engine designed to be implemented in a radio compliant with the APCO Project 25 Over-The-Air Rekeying (OTAR) protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2474", "Certificate Number": "2474", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung CryptoCore Module", "Module Type": "Software", "Validation Date": "11/16/201503/22/201603/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2474.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2474", "detail_available": true, "module_name": "Samsung CryptoCore Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "A multipurpose cryptographic library which provides symmetric/asymmetric cipher, message digest, key agreement, and PRNG services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2473", "Certificate Number": "2473", "Vendor Name": "OpenSSL Software Services Inc.", "Module Name": "OpenSSL FIPS Object Module RE", "Module Type": "Software", "Validation Date": "11/13/201501/25/201604/28/201601/10/201701/20/201701/30/201703/17/201704/25/201701/24/201804/25/201808/09/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2473.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2473", "detail_available": true, "module_name": "OpenSSL FIPS Object Module RE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The OpenSSL FIPS Object Module RE is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2472", "Certificate Number": "2472", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - OpenSSH Client Module", "Module Type": "Software", "Validation Date": "11/13/201501/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2472.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2472", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - OpenSSH Client Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module validated to FIPS 140-2 under Cert. #2435 [1] operating in FIPS mode or with SUSE Linux Enterprise Server OpenSSL Module validated to FIPS 140-2 under Cert. #3038 [2] operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE client software that provides encrypted network communication using the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2471", "Certificate Number": "2471", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - OpenSSH Server Module", "Module Type": "Software", "Validation Date": "11/13/201501/02/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2471.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2471", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - OpenSSH Server Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module validated to FIPS 140-2 under Cert. #2435 [1] operating in FIPS mode or with SUSE Linux Enterprise Server OpenSSL Module validated to FIPS 140-2 under Cert. #3038 [2] operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE server software that provides encrypted network communication using the SSH protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2470", "Certificate Number": "2470", "Vendor Name": "Feitian Technologies Co., Ltd.", "Module Name": "FT-JCOS (Feitian Java Card Platform)", "Module Type": "Hardware", "Validation Date": "11/05/201506/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2470.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2470", "detail_available": true, "module_name": "FT-JCOS (Feitian Java Card Platform)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The FT-JCOS (Feitian Java Card Platform) cryptographic module, validated to FIPS 140-2 overall Level 3, is a single chip smartcard module implementing the JavaCard and Global Platform operational environment, with Card Manager also considered as Issuer Security Domain (ISD), a demonstration Applet used to demonstrate the cryptographic functions of the module, and a supplementary security domain that is also considered as Applet Provider Security Domain (APSD).The FT-JCOS exposes PKI and MoC APIs and is designed for high performance Government, Enterprise and Financial smartcard applications.", "algorithms": [ "AES", "DES", "DRBG", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2469", "Certificate Number": "2469", "Vendor Name": "Dell Inc.", "Module Name": "RSA BSAFE(R) Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "10/30/201504/12/201601/24/201702/09/201711/23/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2469.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2469", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2468", "Certificate Number": "2468", "Vendor Name": "Dell Inc.", "Module Name": "RSA BSAFE(R) Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "10/30/201504/12/201601/24/201702/09/201711/27/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2468.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2468", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2467", "Certificate Number": "2467", "Vendor Name": "Pure Storage, Inc.", "Module Name": "Purity Encryption Module", "Module Type": "Software-Hybrid", "Validation Date": "10/30/201512/19/201702/08/201802/21/201807/12/201810/22/201807/26/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2467.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2467", "detail_available": true, "module_name": "Purity Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-Chip Stand Alone", "description": "Purity Encryption Module is a standalone cryptographic module for the Purity Operating Environment for FlashArray (Purity//FA). Purity//FA powers Pure Storage's FlashArray family of products which provide economical all-flash storage. Purity Encryption Module enables FlashArray to support always-on, inline encryption of data with an internal key management scheme that requires no user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2466", "Certificate Number": "2466", "Vendor Name": "ViaSat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/30/201512/14/201511/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2466.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2466", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seal installed as indicated in the Security Policy for the optional ESEM feature", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Enhanced Bandwidth Efficient Modem (EBEM) is the only commercially-available bandwith efficient modem certified to MIL-STD-188-165B and compliant with STANAG 4486 ed. 3. The MD-1366 defines a new military standard in FDMA for high-speed satellite communications. Using military and commercial satellites at X-, C-, Ku-, and Ka-band frequencies, the MD-1366 delivers much-needed capacity for the military's high speed broadband and multimedia transmissions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2465", "Certificate Number": "2465", "Vendor Name": "Silent Circle", "Module Name": "Mobile Application Cryptographic Module", "Module Type": "Software", "Validation Date": "10/30/201502/11/201606/20/201603/13/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2465.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2465", "detail_available": true, "module_name": "Mobile Application Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1938. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Silent Circle Mobile Application Cryptographic Module provides cryptographic functions for Silent Circle mobile applications, including Silent Phone Silent Text, Silent World, Silent VPN, and Silent Manager.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2464", "Certificate Number": "2464", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "10/30/201511/17/201701/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2464.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2464", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "SUSE Libgcrypt is a general purpose cryptographic library based on the code from GnuPG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2463", "Certificate Number": "2463", "Vendor Name": "Accellion, Inc.", "Module Name": "Accellion Cryptographic Module", "Module Type": "Software", "Validation Date": "10/30/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2463.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2463", "detail_available": true, "module_name": "Accellion Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "Accellion Cryptographic Module is a key component of Accellion's secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2462", "Certificate Number": "2462", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Module", "Module Type": "Hardware", "Validation Date": "10/29/201502/25/201604/07/201608/04/201710/06/201704/24/201803/21/201903/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2462.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2462", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Module provides high speed data at rest encryption for Hitachi storage.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2461", "Certificate Number": "2461", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE) - Security Level 3", "Module Type": "Hardware", "Validation Date": "10/27/201501/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2461.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2461", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE) - Security Level 3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2460", "Certificate Number": "2460", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE) - Security Level 2", "Module Type": "Hardware", "Validation Date": "10/27/201501/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2460.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2460", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE) - Security Level 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single Chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2459", "Certificate Number": "2459", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/27/201504/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2459.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2459", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2458", "Certificate Number": "2458", "Vendor Name": "Barracuda Networks", "Module Name": "Barracuda Cryptographic Software Module", "Module Type": "Software", "Validation Date": "10/22/201512/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2458.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2458", "detail_available": true, "module_name": "Barracuda Cryptographic Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Barracuda Cryptographic Software Module is a cryptographic software library that provides fundamental cryptographic functions for applications in Barracuda security products that require FIPS 140-2 approved cryptographic functions.", "algorithms": [ "AES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2457", "Certificate Number": "2457", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "10/22/201501/14/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2457.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2457", "detail_available": true, "module_name": "Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2456", "Certificate Number": "2456", "Vendor Name": "Oracle Corporation", "Module Name": "Acme Packet 3820 and Acme Packet 4500", "Module Type": "Hardware", "Validation Date": "10/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2456.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2456", "detail_available": true, "module_name": "Acme Packet 3820 and Acme Packet 4500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "The Acme Packet 3820 and 4500 are one rack unit (1U) platforms that feature Oracle's purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2455", "Certificate Number": "2455", "Vendor Name": "SiCore Technologies Inc.", "Module Name": "SHIELD Secure Coprocessor", "Module Type": "Hardware", "Validation Date": "10/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2455.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2455", "detail_available": true, "module_name": "SHIELD Secure Coprocessor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "A secure co-processor with a PCI Express Interface", "algorithms": [ "AES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2454", "Certificate Number": "2454", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm FIPS Object Module", "Module Type": "Software", "Validation Date": "09/30/201505/05/201601/24/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2454.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2454", "detail_available": true, "module_name": "LogRhythm FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm FIPS Object Module 6.3.4 is a general purpose cryptographic module. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modification.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2453", "Certificate Number": "2453", "Vendor Name": "Palo Alto Networks", "Module Name": "Panorama M-100", "Module Type": "Hardware", "Validation Date": "09/30/201504/21/201602/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2453.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2453", "detail_available": true, "module_name": "Panorama M-100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Panorama on the M-100 provides centralized management and visibilty of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network. Using Panorama for policy and device management increases operational effeciency in managing and maintaining distributed network of firewalls." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2452", "Certificate Number": "2452", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "09/30/201501/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2452.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2452", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Atalla Cryptographic Subsystem (ACS) is a multi-chip embedded cryptographic module that provides secure cryptographic processing, key management, and storage capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2451", "Certificate Number": "2451", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks RE1800 and RE2600 Routing Engines Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "09/30/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2451.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2451", "detail_available": true, "module_name": "Juniper Networks RE1800 and RE2600 Routing Engines Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Juniper Networks RE1800 and RE2600 Routing Engines, are multi-chip embedded cryptographic modules that control a router or switch's interfaces, system management, and user access to the device. The RE runs Junos 14.1R4 with the FIPS mode package. The RE is compatible with the Juniper Networks MX Series 3D Universal Edge Routers, EX Series Switches, T Series Routers, M Series Multiservice Edge Routers, and PTX Series Packet Transport Routers. These devices provide dedicated high-performance flow processing and integrate advanced security capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2450", "Certificate Number": "2450", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "Module Type": "Hardware", "Validation Date": "09/23/201503/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2450.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2450", "detail_available": true, "module_name": "Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2449", "Certificate Number": "2449", "Vendor Name": "Cobham TCS Limited", "Module Name": "Cobham AES Cryptographic Firmware-Hybrid Module", "Module Type": "Firmware-Hybrid", "Validation Date": "09/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2449.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2449", "detail_available": true, "module_name": "Cobham AES Cryptographic Firmware-Hybrid Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Cobham AES Cryptographic Firmware-Hybrid Module is used in Cobham’s products to provide secure AES Encryption such as in the NETNode IP Mesh radio to protect data transmitted over the NETNode high capacity ad-hoc multi-radio mesh network.", "algorithms": [ "AES", "DES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2448", "Certificate Number": "2448", "Vendor Name": "Vectra Networks", "Module Name": "Vectra Networks Cryptographic Module", "Module Type": "Software", "Validation Date": "09/17/201502/10/201601/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2448.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2448", "detail_available": true, "module_name": "Vectra Networks Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Vectra Networks Cryptographic Module provides cryptographic functions for the Vectra X-Series platforms software, which delivers a new class of advanced persistent threat (APT) defense delivering real-time detection and analysis of active network breaches.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2447", "Certificate Number": "2447", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.6 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "09/16/201504/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2447.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2447", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.6 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 6.6 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 6.6. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2446", "Certificate Number": "2446", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.6 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "09/16/201504/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2446.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2446", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.6 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Red Hat Enterprise Linux 6.6 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 6.6. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2445", "Certificate Number": "2445", "Vendor Name": "Accellion USA, LLC", "Module Name": "Accellion kiteworks Cryptographic Module", "Module Type": "Software", "Validation Date": "09/15/201506/17/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2445.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2445", "detail_available": true, "module_name": "Accellion kiteworks Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Accellion kiteworks Cryptographic Module is a key component of Accellion's kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2444", "Certificate Number": "2444", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark™ Crypto Module", "Module Type": "Firmware", "Validation Date": "09/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2444.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2444", "detail_available": true, "module_name": "Lexmark™ Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Lexmark™ Crypto Module is a firmware option for Lexmark™ and Dell® Multi-Function Printers that permit the transfer, storage and printing of encrypted print jobs. Using the Lexmark™ Crypto Module, a printer is capable of encrypting and decrypting data input to and output from the module crypto kernel using the AES (FIPS 197) encryption algorithm." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2443", "Certificate Number": "2443", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes MS1 X4 Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "09/09/201504/24/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2443.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2443", "detail_available": true, "module_name": "Pitney Bowes MS1 X4 Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode.", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MS1 X4 PSD is a single chip cryptographic module using the Maxim MAX32590 hardware that provides security services to support the creation of digital postage evidence in the form of an indicium." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2442", "Certificate Number": "2442", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender Elite300", "Module Type": "Hardware", "Validation Date": "09/09/201506/21/201604/22/202010/16/202001/09/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2442.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2442", "detail_available": true, "module_name": "Kanguru Defender Elite300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender Elite300 Cryptographic Module is a 256-bit AES hardware encrypted USB flash drive used primarily to secure data at rest. The device can also be used as a secure platform for remote access and virtualized applications run directly from the drive. The Kanguru Defender line of secure USB solutions is remotely manageable through the Kanguru Remote Management Console (KRMC)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2441", "Certificate Number": "2441", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.6 OpenSSL Module, Red Hat Enterprise Linux 7.1 OpenSSL Module", "Module Type": "Software", "Validation Date": "09/08/201501/27/201602/16/201612/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2441.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2441", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.6 OpenSSL Module, Red Hat Enterprise Linux 7.1 OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2440", "Certificate Number": "2440", "Vendor Name": "Oracle Corporation", "Module Name": "Java Card Platform for Infineon on SLE 78 (SLJ 52GxxyyyzR)", "Module Type": "Hardware", "Validation Date": "09/03/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2440.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2440", "detail_available": true, "module_name": "Java Card Platform for Infineon on SLE 78 (SLJ 52GxxyyyzR)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The cryptographic module consists of M7892B11 security controller by Infineon Technologies together with embedded software providing a secure execution environment consisting of a Java Card Runtime, Java Card Virtual Machine, Java Card API and Global Platform Card Manager along with native cryptographic library calls made available to applets through Java Card APIs. It is compliant with Java Card specifications version 3.0.1 Classic Edition and the Global Platform card specification version 2.2. In particular, it implements the GlobalPlatform ID Configuration 1.0." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2439", "Certificate Number": "2439", "Vendor Name": "Nuvoton Technology Corporation", "Module Name": "NPCT6XX TPM 1.2", "Module Type": "Hardware", "Validation Date": "09/03/201508/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2439.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2439", "detail_available": true, "module_name": "NPCT6XX TPM 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and installed, initialized, and configured as specified in the Security Policy Section 8", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Nuvoton NPCT6XX TPM 1.2 is a hardware cryptographic module that implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography; as well as key generation and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2438", "Certificate Number": "2438", "Vendor Name": "Alcatel-Lucent", "Module Name": "Alcatel-Lucent 1830 Photonic Service Switch (PSS)", "Module Type": "Hardware", "Validation Date": "09/03/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2438.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2438", "detail_available": true, "module_name": "Alcatel-Lucent 1830 Photonic Service Switch (PSS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 1830 PSS is a scalable, next-generation Dense Wave Division Multipexer (DWDM) platform that supports data center aggregation for Ethernet, Fiber Channel (FC) and other protocols. Multiprotocol services can then be dynamically and flexibly transported over metro and long-haul spans, using Tunable and Reconfigurable Optical Add-Drop Multiplexers (T-ROADMs) for optical wavelengths. The 1830 PSS enables transparent L2 Ethernet or FC and L3 IP services over the optical link." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2437", "Certificate Number": "2437", "Vendor Name": "HID Global", "Module Name": "HID Global ActivID Applet Suite v2.6.2B on Oberthur Technologies ID-One Cosmo V7", "Module Type": "Hardware", "Validation Date": "08/26/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2437.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2437", "detail_available": true, "module_name": "HID Global ActivID Applet Suite v2.6.2B on Oberthur Technologies ID-One Cosmo V7", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated with module Oberthur ID-One Cosmo V7-n validated to FIPS 140-2 under Cert. #1236 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This product combines the Oberthur Technologies ID-One Cosmo V7 card loaded with the HID Global ActivID Applet Suite v2.6.2B. The smart card is a JC2.2.2 & GP2.1.1 compliant dual-interface module. HID ActivID Applet framework works over dual-interface and supports GSC-IS v2.1 specifications. The product supports secure issuance and post-issuance along with SMA protocol (secure messaging) for FIPS 140-2 L3 and One Time Password generation. The combined product is suitable for government and corporate deployments.", "algorithms": [ "DES", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2436", "Certificate Number": "2436", "Vendor Name": "Huawei Device (Dongguan) Co. Ltd.", "Module Name": "EDK Management Module", "Module Type": "Software", "Validation Date": "08/26/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2436.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2436", "detail_available": true, "module_name": "EDK Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Huawei EDK Management Module provides cryptographic services for applications/services running on Huawei mobile phones." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2435", "Certificate Number": "2435", "Vendor Name": "SUSE, LLC", "Module Name": "SUSE Linux Enterprise Server 12 - OpenSSL Module", "Module Type": "Software", "Validation Date": "08/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2435.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2435", "detail_available": true, "module_name": "SUSE Linux Enterprise Server 12 - OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2434", "Certificate Number": "2434", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Internal Express 2 (PSI-E2)", "Module Type": "Hardware", "Validation Date": "08/20/201511/24/201501/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2434.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2434", "detail_available": true, "module_name": "ProtectServer Internal Express 2 (PSI-E2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the Security Policy Section 3", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet PSI-E 2 is a high-end intelligent PCI adapter card, used either standalone or in the SafeNet PSE 2 appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-E 2 also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2433", "Certificate Number": "2433", "Vendor Name": "Forcepoint", "Module Name": "Websense Java Crypto Module", "Module Type": "Software", "Validation Date": "08/19/201504/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2433.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2433", "detail_available": true, "module_name": "Websense Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Websense Java Crypto Module provides cryptographic functions for a variety of security solutions from Forcepoint.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2432", "Certificate Number": "2432", "Vendor Name": "VASCO Data Security International, Inc.", "Module Name": "DIGIPASS GO-7", "Module Type": "Hardware", "Validation Date": "08/19/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2432.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2432", "detail_available": true, "module_name": "DIGIPASS GO-7", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DIGIPASS GO-7 is a 'one-button' strong authentication hardware device, based on VASCO's proven DIGIPASS technology. With a single press of a button, DIGIPASS GO-7 generates and displays a dynamic one-time password every time the user wants to log onto an application, website or network.", "algorithms": [ "AES", "KDF" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2431", "Certificate Number": "2431", "Vendor Name": "iStorage Limited", "Module Name": "iStorage datAshur SSD 3.0 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/19/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2431.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2431", "detail_available": true, "module_name": "iStorage datAshur SSD 3.0 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "iStorage datAshur SSD 3.0 Cryptographic Module" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2430", "Certificate Number": "2430", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "08/14/201509/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2430.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2430", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates random strings whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2429", "Certificate Number": "2429", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® Backup HSM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/11/201509/04/201510/26/201501/14/201601/22/201605/12/201601/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2429.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2429", "detail_available": true, "module_name": "Luna® Backup HSM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna® Backup HSM Hardware Security Module (HSM) provides the same level of security as the Luna® SA and Luna® PCI-E HSMs in a convenient, small, low-cost form factor. The Luna Backup HSM ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the Luna Backup HSM for safekeeping in case of emergency, failure or disaster.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2428", "Certificate Number": "2428", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "Module Type": "Hardware", "Validation Date": "08/11/201509/18/201510/26/201512/15/201501/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2428.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2428", "detail_available": true, "module_name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2427", "Certificate Number": "2427", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "Module Type": "Hardware", "Validation Date": "08/11/201509/30/201510/26/201512/15/201501/10/201706/23/201706/23/201702/21/201805/03/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2427.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2427", "detail_available": true, "module_name": "Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2426", "Certificate Number": "2426", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® G5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/11/201509/04/201510/26/201501/14/201601/22/201605/12/201601/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2426.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2426", "detail_available": true, "module_name": "Luna® G5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2425", "Certificate Number": "2425", "Vendor Name": "wolfSSL Inc.", "Module Name": "wolfCrypt", "Module Type": "Software", "Validation Date": "08/11/201509/15/201509/30/201511/18/201506/23/201608/11/201708/25/201710/20/201703/27/201804/06/201806/07/201810/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2425.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2425", "detail_available": true, "module_name": "wolfCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "wolfCrypt module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.", "algorithms": [ "AES", "DES", "HMAC", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2424", "Certificate Number": "2424", "Vendor Name": "Rockwell Collins, Inc.", "Module Name": "DVP-200", "Module Type": "Hardware", "Validation Date": "08/11/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2424.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2424", "detail_available": true, "module_name": "DVP-200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The DVP-200 is data and voice (audio) encryption unit. The DVP uses 128-bit AES for encryption. Public key exchanges and over-the-air rekey capable. Digital voice encoding/decoding to NATO STANAG 4591 MELPe at 2400 and 1200 bps. The DVP's internal modem is configurable from 75 bps through 2400 bps. Data rates through 19200 bps are obtainable using an external modem." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2423", "Certificate Number": "2423", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "QTI Cryptographic Module on Crypto 5 Core", "Module Type": "Software-Hybrid", "Validation Date": "08/11/201512/03/201502/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2423.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2423", "detail_available": true, "module_name": "QTI Cryptographic Module on Crypto 5 Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "This cryptographic module implements block ciphers including AES, Triple-DES, hash functions SHA-1 and SHA-256, Message Authentication Code functions HMAC and CMAC and DRBG 800-90A." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2422", "Certificate Number": "2422", "Vendor Name": "Nimble Storage, a Hewlett Packard Enterprise company", "Module Name": "Nimble Storage FIPS Object Module", "Module Type": "Software", "Validation Date": "08/11/201503/01/201606/07/201607/25/201603/26/201801/26/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2422.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2422", "detail_available": true, "module_name": "Nimble Storage FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #1747", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Nimble Storage FIPS Object Module 2.0.9 is a general purpose cryptographic module built from the OpenSSL FIPS Object Module 2.0.9 source code, which is validated under certificate #1747. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit.", "algorithms": [ "AES", "CVL", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2421", "Certificate Number": "2421", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1142, 1262, 1532e/i, 1552e/i, 1572, 1602e/i, 1702, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p and 3702e/i/p Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "08/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2421.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2421", "detail_available": true, "module_name": "Cisco Aironet 1142, 1262, 1532e/i, 1552e/i, 1572, 1602e/i, 1702, 2602e/i, 2702e/i, 3502e/i, 3602e/i/p and 3702e/i/p Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Aironet Series Wireless Access Points provide highly secure and reliable wireless connections for both indoor and outdoor environments.", "algorithms": [ "AES", "CVL", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2420", "Certificate Number": "2420", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C", "Module Type": "Software", "Validation Date": "08/05/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2420.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2420", "detail_available": true, "module_name": "IBM® Crypto for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Crypto for C v8.4.0.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable by applications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2419", "Certificate Number": "2419", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "08/05/201508/14/201512/09/201501/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2419.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2419", "detail_available": true, "module_name": "TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with pick-resistant locks and opaque cover installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2418", "Certificate Number": "2418", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "07/30/201508/14/201512/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2418.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2418", "detail_available": true, "module_name": "TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2417", "Certificate Number": "2417", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Control Center", "Module Type": "Hardware", "Validation Date": "07/30/201507/31/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2417.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2417", "detail_available": true, "module_name": "McAfee Firewall Enterprise Control Center", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise Control Center simplifies the management of multiple McAfee Firewall Enterprise appliances. Control Center enables centralized management and monitoring of the McAfee Firewall Enterprise solutions, allowing network administrators to centrally define firewall policy, deploy updates and inventory their firewall products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2416", "Certificate Number": "2416", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Control Center Virtual Appliance", "Module Type": "Software", "Validation Date": "07/30/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2416.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2416", "detail_available": true, "module_name": "McAfee Firewall Enterprise Control Center Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy in Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise Control Center simplifies the management of multiple McAfee Firewall Enterprise appliances. Control Center enables centralized management and monitoring of the McAfee Firewall Enterprise solutions, allowing network administrators to centrally define firewall policy, deploy updates and inventory their firewall products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2415", "Certificate Number": "2415", "Vendor Name": "Morpho", "Module Name": "IDeal Citiz™ v2.0 Open", "Module Type": "Hardware", "Validation Date": "07/28/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2415.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2415", "detail_available": true, "module_name": "IDeal Citiz™ v2.0 Open", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The IDeal Citiz™ v2.0 Open is a single chip cryptographic module, which combines an implementation of the Sun Java Card Version 3.0.2 Classic Edition and GlobalPlatform Version 2.1.1 specifications on a dual interface chip (ISO 7816 contact and ISO 14443 contactless interface communication protocols). The module aims to host applets written in Java programming language and relying on cryptographic services and biometric features available at platform level. In particular, Ideal Citiz™ v2.0 Open allows third party developers to implement the biometric \"Match On Card\" user authentication.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2414", "Certificate Number": "2414", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "07/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2414.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2414", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2413", "Certificate Number": "2413", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "07/23/201508/14/201512/09/201501/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2413.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2413", "detail_available": true, "module_name": "TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2412", "Certificate Number": "2412", "Vendor Name": "CellTrust® Corporation", "Module Name": "CellTrust Cryptographic Module (CTCM)", "Module Type": "Software", "Validation Date": "07/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2412.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2412", "detail_available": true, "module_name": "CellTrust Cryptographic Module (CTCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CellTrust Cryptographic Module v2.0 (CTCM) is part of CellTrust Trusted Foundation that performs cryptographic operations for transmission and storage of sensitive information. The CTCM is classified by FIPS 140-2 as a software module, multi-chip standalone module embodiment. FIPS is Federal Information Processing Standards developed by the United States federal government.", "algorithms": [ "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2411", "Certificate Number": "2411", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Kernel Module v5.0", "Module Type": "Software", "Validation Date": "07/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2411.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2411", "detail_available": true, "module_name": "Apple OS X CoreCrypto Kernel Module v5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple OS X CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2410", "Certificate Number": "2410", "Vendor Name": "KIOXIA Corporation", "Module Name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model NA02, NA04, NA05)", "Module Type": "Hardware", "Validation Date": "07/22/201508/31/201611/19/202011/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2410.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2410", "detail_available": true, "module_name": "KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model NA02, NA04, NA05)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The KIOXIA TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2409", "Certificate Number": "2409", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1001, 1001-X, 1002, 1002-X, 1004, 1006 and 1013", "Module Type": "Hardware", "Validation Date": "07/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2409.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2409", "detail_available": true, "module_name": "Cisco ASR 1001, 1001-X, 1002, 1002-X, 1004, 1006 and 1013", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 9 of the Security Policy and with the configurations in Table 1 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2408", "Certificate Number": "2408", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Module, v5.0", "Module Type": "Software", "Validation Date": "07/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2408.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2408", "detail_available": true, "module_name": "Apple OS X CoreCrypto Module, v5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2407", "Certificate Number": "2407", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Kernel Module v5.0", "Module Type": "Software", "Validation Date": "07/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2407.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2407", "detail_available": true, "module_name": "Apple iOS CoreCrypto Kernel Module v5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2406", "Certificate Number": "2406", "Vendor Name": "Digicine Oristar Technology Development (Beijing) Co., Ltd.", "Module Name": "AQ42-M", "Module Type": "Hardware", "Validation Date": "07/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2406.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2406", "detail_available": true, "module_name": "AQ42-M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "AQ42-M is a hardware security module that provides decryption, decoding/encoding of audio/video data for the digital cinema projector system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2405", "Certificate Number": "2405", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/08/201502/03/201611/07/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2405.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2405", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2404", "Certificate Number": "2404", "Vendor Name": "Digital Defence Ltd", "Module Name": "Secure Mobile", "Module Type": "Software", "Validation Date": "07/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2404.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2404", "detail_available": true, "module_name": "Secure Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with the Microsoft Windows CE, Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #560 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Secure Mobile Cryptographic Module provides core cryptographic functionality in a Windows Embedded Handheld environment. It supports XTS-AES-128 cipher mode for storage encryption, KDF acc. to NIST SP 800-108 to derive the storage encryption key, and HMAC-SHA-256 for integrity protection of its binaries and settings. For generation of XTS tweak values a validated RNG (Cert. #286) contained in \"Windows CE and Windows Mobile Enhanced Cryptographic Provider (RSAENH)\" , which is a FIPS 140-2 certified cryptographic software module contained in the platform.", "algorithms": [ "AES", "HMAC", "KDF", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2403", "Certificate Number": "2403", "Vendor Name": "Thales", "Module Name": "Thales Luna USB Hardware Security Module", "Module Type": "Hardware", "Validation Date": "08/11/201509/04/201510/26/201501/14/201601/22/201605/12/201601/10/201706/23/201706/23/201702/21/201810/04/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2403.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2403", "detail_available": true, "module_name": "Thales Luna USB Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Thales Luna USB Hardware Security Module delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2402", "Certificate Number": "2402", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Cryptographic Tool Kit", "Module Type": "Software", "Validation Date": "07/01/201503/16/201606/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2402.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2402", "detail_available": true, "module_name": "BlackBerry Cryptographic Tool Kit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BlackBerry Cryptographic Tool Kit is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The BlackBerry Cryptographic Tool Kit, part of the suite of BlackBerry cryptographic modules, provides application developers with a means to expand the secure capabilities and features BlackBerry is known for, to devices running operating systems other than BlackBerry OS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2401", "Certificate Number": "2401", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender 3000", "Module Type": "Hardware", "Validation Date": "06/30/201506/21/201604/06/202010/16/202001/03/202401/08/2025", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2401.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2401", "detail_available": true, "module_name": "Kanguru Defender 3000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender 3000 is a 256-bit AES hardware encrypted USB flash drive used primarily to secure data at rest. The device can also be used as a secure platform for remote access and virtualized applications run directly from the drive. The Kanguru Defender line of secure USB solutions is remotely manageable through the Kanguru Remote Management Console (KRMC)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2400", "Certificate Number": "2400", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA 6600", "Module Type": "Hardware", "Validation Date": "06/29/201503/22/201606/15/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2400.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2400", "detail_available": true, "module_name": "SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA 6600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SonicWALL™ SuperMassive™ 9000 Series Next-Generation Firewall (NGFW) is designed to deliver deep security to your enterprise at multi-gigbit speeds. Offering the ultimate in security with enterprise class performance, the SuperMassive 9000 Series detects and blocks the most sophisticated threats before they can enter your network with minimal latency for every connection on the network. Its multicore design can gracefully handle traffic spikes without impacting network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2399", "Certificate Number": "2399", "Vendor Name": "Dell Software, Inc.", "Module Name": "Dell SonicWALL NSA Series 2600, 3600, 4600, 5600", "Module Type": "Hardware", "Validation Date": "06/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2399.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2399", "detail_available": true, "module_name": "Dell SonicWALL NSA Series 2600, 3600, 4600, 5600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Enterprise-class security and performance made afordable for small- to medium-sized business. The NSA Series offers industry leading next-generation firewall protection, performance, and scalability. A suite of tools, including intrusion prevention, gateway anti-virus, and anti-spyware plus application intelligence and control, offer granular control through application blocking, bandwidth management and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2398", "Certificate Number": "2398", "Vendor Name": "OpenSSL Software Services Inc.", "Module Name": "OpenSSL FIPS Object Module SE", "Module Type": "Software", "Validation Date": "06/24/201512/17/201502/08/201608/15/201612/30/201601/10/201701/30/201703/13/201705/23/201706/01/201708/22/201711/20/201701/30/201802/21/201806/28/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2398.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2398", "detail_available": true, "module_name": "OpenSSL FIPS Object Module SE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Object Module SE is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2397", "Certificate Number": "2397", "Vendor Name": "WatchData Technologies Pte Ltd", "Module Name": "WatchKey ProX USB Token Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/23/201510/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2397.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2397", "detail_available": true, "module_name": "WatchKey ProX USB Token Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The WatchKey ProX USB Token is a USB-based PKI, two-factor authentication token device. It provides digital signature generation/verification for online authentications and data encryption/decryption for online transactions. The user’s private and public key pairs can be generated and stored on the embedded chip." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2396", "Certificate Number": "2396", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Module v5.0", "Module Type": "Software", "Validation Date": "06/23/201508/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2396.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2396", "detail_available": true, "module_name": "Apple iOS CoreCrypto Module v5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2395", "Certificate Number": "2395", "Vendor Name": "Syn-Tech Systems, Inc.", "Module Name": "ProFLEX01-R2", "Module Type": "Hardware", "Validation Date": "06/23/201502/17/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2395.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2395", "detail_available": true, "module_name": "ProFLEX01-R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Syntech's custom designed ProFLEX01-R2 encryption module is embedded into the foundation of the FuelMaster line of AIM Titanium products. This technology propels FuelMaster to the forefront in secure, automated fleet and fuel management systems. Trusting in NIST-Validated encryption for data-in-transit and data-at-rest, Information Assurance Managers can depend on knowing their data is protected to the highest standards of the US Government.", "algorithms": [ "AES", "KTS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2394", "Certificate Number": "2394", "Vendor Name": "Hewlett-Packard TippingPoint", "Module Name": "HP TippingPoint Crypto Core NSS", "Module Type": "Software", "Validation Date": "06/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2394.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2394", "detail_available": true, "module_name": "HP TippingPoint Crypto Core NSS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed, and initialized as specified in Section 5 of the provided Security Policy. For Red Hat Linux 6.2, Section 5 also specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. For CentOS 5.6 the module is compiled from source available from Mozilla. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The HP TippingPoint Crypto Core NSS is a software library which provides FIPS 140-2 approved cryptographic algorithms and services for HP TippingPoint security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2393", "Certificate Number": "2393", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Integrated Services Router (ISR) 4451-X (with SM-ES3X-16-P, SM-ES3X-24-P, SM-D-ES3X-48-P, PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256) and Integrated Services Router (ISR) 4431 (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "Module Type": "Hardware", "Validation Date": "06/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2393.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2393", "detail_available": true, "module_name": "Cisco Integrated Services Router (ISR) 4451-X (with SM-ES3X-16-P, SM-ES3X-24-P, SM-D-ES3X-48-P, PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256) and Integrated Services Router (ISR) 4431 (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Integrated Services Router are a highly scalable WAN and Internet Edge router platform that delivers embedded hardware acceleration for multiple Cisco IOS XE Software services without the need for separate service blades. The Routers are designed for business-class resiliency, featuring redundant Route and Embedded Services Processors, as well as software-based redundancy.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2392", "Certificate Number": "2392", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV on Cosmo V8", "Module Type": "Hardware", "Validation Date": "06/15/201503/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2392.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2392", "detail_available": true, "module_name": "ID-One PIV on Cosmo V8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "ID-One PIV on Cosmo V8 is the next generation of FIPS 201-2 compliant Smart card. Performances have been optimized to allow a FICAM authentication in less than a second.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2391", "Certificate Number": "2391", "Vendor Name": "Trend Micro Inc.", "Module Name": "TippingPoint Crypto Core FIPS Object Module for OpenSSL", "Module Type": "Software", "Validation Date": "06/11/201512/24/201511/22/201712/01/201703/04/201911/14/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2391.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2391", "detail_available": true, "module_name": "TippingPoint Crypto Core FIPS Object Module for OpenSSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The TippingPoint Crypto Core OpenSSL is a software library which provides FIPS 140-2 approved cryptographic algorithms and services for TippingPoint security products.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2390", "Certificate Number": "2390", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYCOS® 3.0 QFN", "Module Type": "Hardware", "Validation Date": "06/19/201512/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2390.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2390", "detail_available": true, "module_name": "SPYCOS® 3.0 QFN", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "SPYCOS® 3.0 is a hardware encryption engine in QFN form factor supporting Suite B functionality that is ideal for embedded and secure flash storage applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2389", "Certificate Number": "2389", "Vendor Name": "Rambus Global Inc., Finnish branch", "Module Name": "SafeZone FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "06/02/201505/26/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2389.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2389", "detail_available": true, "module_name": "SafeZone FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from Rambus. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2388", "Certificate Number": "2388", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "IOS Common Cryptographic Module (IC2M) Rel5", "Module Type": "Firmware", "Validation Date": "05/28/201511/20/201707/31/201807/01/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2388.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2388", "detail_available": true, "module_name": "IOS Common Cryptographic Module (IC2M) Rel5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2387", "Certificate Number": "2387", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HPE XP7 Encryption Ready Disk Adapter (eDKA) Level1", "Module Type": "Hardware", "Validation Date": "05/22/201501/28/201602/18/201602/23/201603/07/201608/04/201710/06/201702/06/201810/01/201906/19/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2387.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2387", "detail_available": true, "module_name": "HPE XP7 Encryption Ready Disk Adapter (eDKA) Level1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The HP XP7 Encryption Ready Disk Adapter (eDKA) Level1 provides high speed data at rest encryption for HP storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2386", "Certificate Number": "2386", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Virtual Storage Platform (VSP) Encryption Engine", "Module Type": "Hardware", "Validation Date": "05/22/201501/28/201602/18/201608/04/201710/06/201702/07/201803/21/201903/30/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2386.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2386", "detail_available": true, "module_name": "Hitachi Virtual Storage Platform (VSP) Encryption Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Hitachi Virtual Storage Platform (VSP) Encryption Engine provides high speed data at rest encryption for Hitachi storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2385", "Certificate Number": "2385", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "µMACE", "Module Type": "Hardware", "Validation Date": "05/22/201501/30/201704/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2385.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2385", "detail_available": true, "module_name": "µMACE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The µMACE cryptographic processor is used in security modules embedded in Motorola Solutions security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2384", "Certificate Number": "2384", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch and 7800 Extension Switch", "Module Type": "Hardware", "Validation Date": "05/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2384.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2384", "detail_available": true, "module_name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch and 7800 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 2, 3 and 5 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 and 6520 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WAN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2383", "Certificate Number": "2383", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP Virtual Connect 16Gb 24-Port FC Module", "Module Type": "Hardware", "Validation Date": "05/21/201507/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2383.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2383", "detail_available": true, "module_name": "HP Virtual Connect 16Gb 24-Port FC Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The HP Virtual Connect 16Gb 24-Port FC Module is an embedded blade that meets FIPS 140-2 Level 1 security requirements, and is designed to be embedded inside HP BladeSystem c-Class enclosures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2382", "Certificate Number": "2382", "Vendor Name": "Western Digital Corporation", "Module Name": "Ultrastar® 7K6000 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "05/21/201507/23/201510/14/201505/11/201608/30/201608/11/201709/22/201709/26/201703/07/201807/27/201810/12/201803/07/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2382.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2382", "detail_available": true, "module_name": "Ultrastar® 7K6000 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "Self-Encrypting Ultrastar® 7K6000 TCG Enterprise HDDs, from Western Digital, implement TCG Storage specifications that meet or exceed the most demanding performance and security requirements. Ultrastar 7K6000 drives deliver up to 6TB of capacity in an industry standard, 3.5-inch hard drive, for capacity-optimized enterprise applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2381", "Certificate Number": "2381", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe®, Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "Module Type": "Hardware", "Validation Date": "05/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2381.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2381", "detail_available": true, "module_name": "Brocade® MLXe®, Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 8, 13 and 17 in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high-performance Ethernet edge routing and MPLS applications. The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor. The Brocade MLXe Series routers feature industry-leading 100 Gigabit Ethernet (GbE), 10 GbE, and 1 GbE wire-speed density.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2380", "Certificate Number": "2380", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung UFS (Universal Flash Storage) Shark SED", "Module Type": "Hardware", "Validation Date": "05/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2380.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2380", "detail_available": true, "module_name": "Samsung UFS (Universal Flash Storage) Shark SED", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Samsung UFS Shark SED is a high-performance embedded storage that provides on-the-fly encryption/decryption of user data without performance loss and supports SSP (Secure Storage Protocol) v1.0. It implements AES256-XTS for user data encryption, ECDSA P-224 for FW authentication, and Hash_DRBG for key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2379", "Certificate Number": "2379", "Vendor Name": "Ciena® Corporation", "Module Name": "Ciena 6500 Packet-Optical Platform 4x10G", "Module Type": "Hardware", "Validation Date": "05/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2379.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2379", "detail_available": true, "module_name": "Ciena 6500 Packet-Optical Platform 4x10G", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When installed, initialized and configured as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 6500 Packet Optical Platform 4x10G OTR with encryption card offers an integrated and protocol agnostic transport encryption solution in a high density form factor. With 4 independent AES-256 10G encryption engines, this ultra-low latency wirespeed encryption solution is designed for deployments within enterprises of all sizes, government agencies and datacenters, whether as standalone encryption solution or as part of a service provider managed service offering.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2378", "Certificate Number": "2378", "Vendor Name": "ChaseSun Information Security Technology Development (Beijing) Co., Ltd.", "Module Name": "ChaseSun CS100", "Module Type": "Hardware", "Validation Date": "06/19/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2378.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2378", "detail_available": true, "module_name": "ChaseSun CS100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ChaseSun CS100 Cryptographic Module is a multi-chip embedded cryptographic module designed to decrypt and decode audio/video data for a digital cinema projector." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2377", "Certificate Number": "2377", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec PGP Cryptographic Engine", "Module Type": "Software", "Validation Date": "05/21/201507/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2377.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2377", "detail_available": true, "module_name": "Symantec PGP Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2376", "Certificate Number": "2376", "Vendor Name": "Apricorn, Inc.", "Module Name": "Aegis Secure Key 3.0 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/21/201502/02/201606/01/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2376.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2376", "detail_available": true, "module_name": "Aegis Secure Key 3.0 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Aegis Secure Key 3.0 is a USB 3.0 portable encrypted memory key. Completely contained within a small footprint/boundary, the module is designed to allow simple, software free integration into various secure storage systems requiring a FIPS 140-2 validated encryption boundary." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2375", "Certificate Number": "2375", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HPE P-Class Smart Array RAID Controllers", "Module Type": "Hardware", "Validation Date": "05/20/201506/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2375.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2375", "detail_available": true, "module_name": "HPE P-Class Smart Array RAID Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section Secure Operation", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The HPE P-Class Smart Array RAID Controllers are a family of serial-attached SCSI host bus adapters that provide intelligent storage array control. The controllers can be card-based or embedded within an HP server, and provide a high speed data path, on-board storage cache, remote management, and encryption of data at rest.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2374", "Certificate Number": "2374", "Vendor Name": "Avaya, Inc.", "Module Name": "Avaya WLAN 9100 Access Points", "Module Type": "Hardware", "Validation Date": "05/08/201508/07/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2374.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2374", "detail_available": true, "module_name": "Avaya WLAN 9100 Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Wireless LAN 9100 Access Points" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2373", "Certificate Number": "2373", "Vendor Name": "Neopost Technologies, S.A.", "Module Name": "Neopost Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "05/05/201506/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2373.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2373", "detail_available": true, "module_name": "Neopost Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Neopost Postal Security Device (PSD) is a cryptographic module embedded within postal franking machines. The PSD performs all franking machine’s cryptographic and postal security functions and protects the Critical Security Parameters (CSPs) and Postal Relevant Data from unauthorized access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2372", "Certificate Number": "2372", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5140B Chassis with FortiGate/FortiSwitch 5000 Series Blades", "Module Type": "Hardware", "Validation Date": "05/05/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2372.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2372", "detail_available": true, "module_name": "FortiGate-5140B Chassis with FortiGate/FortiSwitch 5000 Series Blades", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2371", "Certificate Number": "2371", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3600C and FortiGate-3950B", "Module Type": "Hardware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2371.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2371", "detail_available": true, "module_name": "FortiGate-3600C and FortiGate-3950B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2370", "Certificate Number": "2370", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS™ 5.0", "Module Type": "Firmware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2370.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2370", "detail_available": true, "module_name": "FortiOS™ 5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2369", "Certificate Number": "2369", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1500D and 3700D", "Module Type": "Hardware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2369.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2369", "detail_available": true, "module_name": "FortiGate-1500D and 3700D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2368", "Certificate Number": "2368", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1000C, FortiGate-1240B, FortiGate-3140B and FortiGate-3240C", "Module Type": "Hardware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2368.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2368", "detail_available": true, "module_name": "FortiGate-1000C, FortiGate-1240B, FortiGate-3140B and FortiGate-3240C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2367", "Certificate Number": "2367", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-100D, FortiGate-200B, FortiGate-200D, FortiGate-300C, FortiGate-600C and FortiGate-800C", "Module Type": "Hardware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2367.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2367", "detail_available": true, "module_name": "FortiGate-100D, FortiGate-200B, FortiGate-200D, FortiGate-300C, FortiGate-600C and FortiGate-800C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2366", "Certificate Number": "2366", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-60C/60D/80C and FortiWiFi-60C/60D", "Module Type": "Hardware", "Validation Date": "05/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2366.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2366", "detail_available": true, "module_name": "FortiGate-60C/60D/80C and FortiWiFi-60C/60D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2365", "Certificate Number": "2365", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 5508 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "05/04/201509/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2365.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2365", "detail_available": true, "module_name": "Cisco Systems 5508 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 5500 Series Wireless Controller, is a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2364", "Certificate Number": "2364", "Vendor Name": "Dell, Inc.", "Module Name": "Dell OpenSSL Cryptographic Library", "Module Type": "Software", "Validation Date": "04/28/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2364.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2364", "detail_available": true, "module_name": "Dell OpenSSL Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Dell OpenSSL Cryptographic Library v2.1 is used within various Dell Networking products, including the S and Z-Series. Dell Networking S and Z-Series are high performance 10/40GbE ToR and Core Fabric switching products designed for highly virtualized Data Centers. These switches are built on top of Dell’s Data Center hardened OS, Dell Networking OS.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2363", "Certificate Number": "2363", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Systems 5760 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "04/27/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2363.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2363", "detail_available": true, "module_name": "Cisco Systems 5760 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 5760 Wireless Controller is an industry-leading platform designed for 802.11ac networks with maximum performance and services at scale, combined with high availability for mission-critical wireless networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2362", "Certificate Number": "2362", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "SSL Visibility Appliance", "Module Type": "Hardware", "Validation Date": "04/23/201509/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2362.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2362", "detail_available": true, "module_name": "SSL Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to \"inspect\" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2361", "Certificate Number": "2361", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "SSL Visibility Appliance", "Module Type": "Hardware", "Validation Date": "04/23/201509/04/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2361.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2361", "detail_available": true, "module_name": "SSL Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to \"inspect\" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2360", "Certificate Number": "2360", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "IPCryptR2", "Module Type": "Hardware", "Validation Date": "04/13/201501/30/201705/31/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2360.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2360", "detail_available": true, "module_name": "IPCryptR2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IPCryptR2 provides secure key management and data encryption in Astro, Dimetra and Broadband Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2359", "Certificate Number": "2359", "Vendor Name": "DataLocker Inc.", "Module Name": "IronKey H350", "Module Type": "Hardware", "Validation Date": "04/13/201510/20/201503/22/201603/22/201603/23/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2359.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2359", "detail_available": true, "module_name": "IronKey H350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone", "description": "IronKey H350 is a Secure USB 3.0 hard disk drive with 256-bit AES hardware encryption and PKI operations combined with strong, built-in password protection capabilities to help control user access to desktops, sensitive data and critical applications. IronKey H350 allows enterprise class device management features like policy updates, password recovery and remote kill features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2358", "Certificate Number": "2358", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "04/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2358.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2358", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357", "Certificate Number": "2357", "Vendor Name": "Microsoft Corporation", "Module Name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "Module Type": "Software", "Validation Date": "04/30/201505/29/201505/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357", "detail_available": true, "module_name": "Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2356 operating in FIPS mode, and Code Integrity (ci.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2355 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356", "Certificate Number": "2356", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "Module Type": "Software", "Validation Date": "05/19/201505/29/201505/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356", "detail_available": true, "module_name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2351 operating in FIPS mode, and BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2352 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355", "Certificate Number": "2355", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "Module Type": "Software", "Validation Date": "04/17/201505/18/201505/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355", "detail_available": true, "module_name": "Code Integrity (ci.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2351 operating in FIPS mode, and BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2352 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Code Integrity (ci.dll) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354", "Certificate Number": "2354", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro,Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series", "Module Type": "Software", "Validation Date": "04/23/201505/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354", "detail_available": true, "module_name": "BitLocker® Dump Filter (dumpfve.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro,Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 2 with modules Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2351 operating in FIPS mode, BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2352 operating in FIPS mode, and Code Integrity (ci.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry, Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2355 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BitLocker® Dump Filter (dumpfve.sys) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353", "Certificate Number": "2353", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series", "Module Type": "Software", "Validation Date": "04/23/201505/18/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353", "detail_available": true, "module_name": "BitLocker® Windows Resume (winresume) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2351 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352", "Certificate Number": "2352", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "Module Type": "Software", "Validation Date": "04/10/201505/18/201505/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352", "detail_available": true, "module_name": "BitLocker® Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3; Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2351 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351", "Certificate Number": "2351", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "Module Type": "Software", "Validation Date": "03/12/201504/10/201505/02/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351", "detail_available": true, "module_name": "Boot Manager in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2350", "Certificate Number": "2350", "Vendor Name": "Canon Inc.", "Module Name": "Canon MFP Security Chip", "Module Type": "Hardware", "Validation Date": "04/20/201501/31/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2350.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2350", "detail_available": true, "module_name": "Canon MFP Security Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Canon MFP Security Chip handles cryptography for the storage device of the Canon MFP/printer. The Canon MFP Security Chip realizes high-speed data encryption/decryption through a serial ATA interface, using AES CBC mode. This allows the Canon MFP/printer's storage device to be protected against the risk of information leakage, without compromising objectives such as extensibility, flexibility, usability, and high performance.", "algorithms": [ "AES", "DRBG", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2349", "Certificate Number": "2349", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/15/201504/14/201603/21/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2349.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2349", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Stand Alone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2348", "Certificate Number": "2348", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar He8 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "04/17/201505/08/201507/23/201504/28/201606/24/201605/02/201705/23/201708/04/201708/11/201709/22/201710/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2348.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2348", "detail_available": true, "module_name": "HGST Ultrastar He8 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications and meet or exceed the most demanding performance and security requirements. HGST Ultrastar He8 drives are 12 Gbs SAS, 7,200 RPM, 3.5 inch form factor, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2347", "Certificate Number": "2347", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-3000 and W-6000/M3 Mobility Controllers with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "04/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2347.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2347", "detail_available": true, "module_name": "Dell W-3000 and W-6000/M3 Mobility Controllers with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy clause \"Installing the Controller\" and the 6000/M3 configured as specified in Security Policy clause \"Minimum Configuration for the Aruba 6000-400\"", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "see change letterDell W-Series family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2346", "Certificate Number": "2346", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-IAP3WN, W-IAP3WNP, W-IAP108, W-IAP109, W-AP114, and W-AP115 Wireless Access Points with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "04/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2346.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2346", "detail_available": true, "module_name": "Dell W-IAP3WN, W-IAP3WNP, W-IAP108, W-IAP109, W-AP114, and W-AP115 Wireless Access Points with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series 802.11n wired and wireless access points offer the highest performance for mobile devices. In FIPS 140-2 mode, W-Series APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. W-Series APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2345", "Certificate Number": "2345", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-AP134 and W-AP135 Wireless Access Points with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "04/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2345.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2345", "detail_available": true, "module_name": "Dell W-AP134 and W-AP135 Wireless Access Points with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series 802.11n wireless access points offer the highest performance for mobile devices. In FIPS 140-2 mode, W-Series APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. W-Series APs also support wireless intrusion detection/prevention services and wireless mesh topologies" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2344", "Certificate Number": "2344", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-620 and W-650 Mobility Controllers with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "04/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2344.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2344", "detail_available": true, "module_name": "Dell W-620 and W-650 Mobility Controllers with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2343", "Certificate Number": "2343", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Encryption Expert Cryptographic Module", "Module Type": "Software", "Validation Date": "03/24/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2343.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2343", "detail_available": true, "module_name": "Vormetric Encryption Expert Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When operating on Windows 8 R2, requires module Windows Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1335 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Vormetric Encryption Expert Cryptographic Module is a loadable kernel module also known as \"SECFS\" (SECure File System). This module is a file system layer that enforces an access and encryption policy upon selected data on end-user systems. The policy specifies a key to be used when writing data to disk and while reading data from disk. This module contains the Vormetric Encryption Expert Cryptographic Library, which provides all cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2342", "Certificate Number": "2342", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Encryption Expert Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "03/24/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2342.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2342", "detail_available": true, "module_name": "Vormetric Encryption Expert Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode.", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Vormetric Encryption Expert Cryptographic Module is a loadable kernel module also known as \"SECFS\" (SECure File System). This module is a file system layer that enforces an access and encryption policy upon selected data on end-user systems. The policy specifies a key to be used when writing data to disk and while reading data from disk. This module contains the Vormetric Encryption Expert Cryptographic Library, which provides all cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2341", "Certificate Number": "2341", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3850 Series Switches and Cisco Catalyst 3650 Series Switches", "Module Type": "Hardware", "Validation Date": "03/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2341.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2341", "detail_available": true, "module_name": "Cisco Catalyst 3850 Series Switches and Cisco Catalyst 3650 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 3650 and 3850 Series family is the next generation of enterprise-class standalone and stackable access/aggregation layer switches that provide full convergence between wired and wireless on a single platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2339", "Certificate Number": "2339", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-AP224 and W-AP225 Wireless Access Points with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "03/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2339.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2339", "detail_available": true, "module_name": "Dell W-AP224 and W-AP225 Wireless Access Points with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, W-Series APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. W-Series APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2338", "Certificate Number": "2338", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiCOS Combi PKI Native Smart Card", "Module Type": "Hardware", "Validation Date": "03/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2338.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2338", "detail_available": true, "module_name": "HiCOS Combi PKI Native Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HiCOS Combi PKI native smart card module is a single chip implementation of a cryptographic module that supports ISO-7816 contact interface and ISO-14443 contactless interface. The HiCOS Combi PKI native smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The module consists of the chip (ICC), the contact faceplate, the contactless faceplate, and the electronic connectors between the chip and contact pad/antenna, all contained within an epoxy substrate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2337", "Certificate Number": "2337", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "03/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2337.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2337", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2336", "Certificate Number": "2336", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-636M-HSE CyberFence Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/11/201503/29/201605/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2336.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2336", "detail_available": true, "module_name": "3e-636M-HSE CyberFence Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 9 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "3e-636-HSE module provides high speed low latency dedicated Layer 2 data encryption for enhanced network security and performance. It supports multiple VLANs with bypass mode. Each VLAN uses its own data encryption key for data privacy and per data packet integrity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2335", "Certificate Number": "2335", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-AP92, W-AP93, W-AP104, W-AP105, and W-AP175 Wireless Access Points with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "03/11/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2335.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2335", "detail_available": true, "module_name": "Dell W-AP92, W-AP93, W-AP104, W-AP105, and W-AP175 Wireless Access Points with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series 802.11n wireless access points offer the highest performance for mobile devices. In FIPS 140-2 mode, W-Series APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. W-Series APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2334", "Certificate Number": "2334", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-IAP155 and W-IAP155P Wireless Access Points with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "03/05/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2334.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2334", "detail_available": true, "module_name": "Dell W-IAP155 and W-IAP155P Wireless Access Points with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, W-Series APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. W-Series APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2333", "Certificate Number": "2333", "Vendor Name": "Toshiba Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive", "Module Type": "Hardware", "Validation Date": "03/03/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2333.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2333", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Hard Disk Drive is used for hard disk drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2332", "Certificate Number": "2332", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "XTM 850 [1], XTM 860 [2], XTM 870 [3], XTM 870-F [4], XTM 1520 [5], XTM 1520-RP [6], XTM 1525 [7], XTM 1525-RP [8], XTM 2520 [9]", "Module Type": "Hardware", "Validation Date": "03/03/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2332.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2332", "detail_available": true, "module_name": "XTM 850 [1], XTM 860 [2], XTM 870 [3], XTM 870-F [4], XTM 1520 [5], XTM 1520-RP [6], XTM 1525 [7], XTM 1525-RP [8], XTM 2520 [9]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "WatchGuard® XTM Extensible Threat Management appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2331", "Certificate Number": "2331", "Vendor Name": "Sony Corporation", "Module Name": "Aspen", "Module Type": "Hardware", "Validation Date": "03/03/201505/08/201512/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2331.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2331", "detail_available": true, "module_name": "Aspen", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The primary purpose of the Aspen is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2330", "Certificate Number": "2330", "Vendor Name": "Protegrity USA Inc.", "Module Name": "Protegrity Cryptographic Module", "Module Type": "Software", "Validation Date": "03/03/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2330.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2330", "detail_available": true, "module_name": "Protegrity Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Protegrity Cryptographic Module is a software module that provides FIPS validated cryptographic services for Protegrity Data Security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2329", "Certificate Number": "2329", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "02/12/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2329.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2329", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2328", "Certificate Number": "2328", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Fusion Wireless LAN Cryptographic Module for WM/CE", "Module Type": "Software-Hybrid", "Validation Date": "02/10/201502/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2328.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2328", "detail_available": true, "module_name": "Fusion Wireless LAN Cryptographic Module for WM/CE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Fusion module secures the WLAN radio for numerous deviceson the Windows Mobile and CE operating systems. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2327", "Certificate Number": "2327", "Vendor Name": "Giesecke+Devrient Mobile Security GmbH", "Module Name": "Sm@rtCafé Expert 7.0", "Module Type": "Hardware", "Validation Date": "02/10/201507/03/201708/04/201703/07/201801/21/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2327.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2327", "detail_available": true, "module_name": "Sm@rtCafé Expert 7.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Sm@rtCafé Expert 7.0 is a Smart Card based on Java Card and GlobalPlatform Technology. Sm@rtCafé Expert 7.0 conforms to Java Card Classic Platform Specification 3.0.4 and GlobalPlatform Card Specification Version 2.2.1 supporting Secure Channel Protocol 03, Card Specification V2.2 Amendment D. The product is suitable for government and corporate identification, payment and banking, health care, and authentication", "algorithms": [ "DES", "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2326", "Certificate Number": "2326", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar C10K1800 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "02/10/201503/13/201507/23/201511/19/201511/27/201501/28/201604/19/201612/19/201602/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2326.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2326", "detail_available": true, "module_name": "HGST Ultrastar C10K1800 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar C10K1800 series are 12Gbs SAS, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2325", "Certificate Number": "2325", "Vendor Name": "Sony Corporation", "Module Name": "Aspen", "Module Type": "Hardware", "Validation Date": "02/06/201505/08/201512/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2325.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2325", "detail_available": true, "module_name": "Aspen", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Aspen is a hardware security module that provides decryption, decoding/encoding of audio/video data for the digital cinema projector system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2324", "Certificate Number": "2324", "Vendor Name": "Curtiss-Wright", "Module Name": "CCA-685 Secure Router", "Module Type": "Hardware", "Validation Date": "02/06/201512/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2324.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2324", "detail_available": true, "module_name": "CCA-685 Secure Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CCA-685 Secure Router is used for strong security in the embedded defense and aerospace industries. It supports industry standard encryption algorithms used in IPSec/VPN/IKE/PKI and other networking standards. Including H/W accelerated AES bulk encryption.", "algorithms": [ "AES", "CVL", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2323", "Certificate Number": "2323", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "Module Type": "Hardware", "Validation Date": "02/05/201503/13/201512/07/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2323.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2323", "detail_available": true, "module_name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2322", "Certificate Number": "2322", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "02/02/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2322.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2322", "detail_available": true, "module_name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 2, 3, 4, 5, 6 and 7 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade VDX 8770 Switch is designed to scale out Brocade VCS fabrics and support complex environments with dense virtualization and dynamic automation requirements. The VDX 6710, VDX 6720, VDX 6730 are Gigabit Ethernet routing switches that provides secure network services and network management. The Brocade VDX 6740 and VDX 6740T are a next generation fixed form factor VCS enabled 10 Gb/40 Gb Ethernet fabric switch for ToR fabric deployments.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2321", "Certificate Number": "2321", "Vendor Name": "Dell, Inc.", "Module Name": "Dell W-7200 Series Controllers with Dell AOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "01/28/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2321.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2321", "detail_available": true, "module_name": "Dell W-7200 Series Controllers with Dell AOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell W-Series family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2320", "Certificate Number": "2320", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey S1000", "Module Type": "Hardware", "Validation Date": "01/28/201502/13/201503/08/201605/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2320.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2320", "detail_available": true, "module_name": "IronKey S1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "IronKey S1000 is a Secure USB 3.0 drive with 256-bit AES hardware encryption and PKI operations combined with strong, built-in password protection capabilities and a tamper-resistant metal housing to help you control user access to desktops, sensitive data and critical applications. IronKey S1000 allows enterprise class device management features like policy updates, password recovery and remote kill features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2319", "Certificate Number": "2319", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint NGFW Cryptographic Library", "Module Type": "Software", "Validation Date": "01/28/201510/17/201710/26/201711/06/201703/14/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2319.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2319", "detail_available": true, "module_name": "Forcepoint NGFW Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Forcepoint NGFW Cryptographic Library is a software module that provides cryptographic services required by the Forcepoint NGFW product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2318", "Certificate Number": "2318", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec DLP Cryptographic Module", "Module Type": "Software", "Validation Date": "01/28/201506/28/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2318.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2318", "detail_available": true, "module_name": "Symantec DLP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module, the Symantec DLP Cryptographic Module Version 1.0, is a software shared library that provides cryptographic services required by the Symantec Data Loss Prevention solution.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2317", "Certificate Number": "2317", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "01/21/201502/13/201503/13/201505/08/201506/09/201507/23/201509/30/201512/22/201501/04/201604/19/201606/03/201607/27/201610/13/201612/02/201612/20/201603/13/201704/03/201706/22/201709/11/201712/01/201703/22/201809/17/201812/04/201803/25/201906/06/201909/30/201911/17/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2317.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2317", "detail_available": true, "module_name": "Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module is embodied in Seagate Enterprise Capacity® HDD v4 Self-Encrypting Drives model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2316", "Certificate Number": "2316", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "01/21/201507/23/201512/04/201506/10/201606/24/201603/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2316.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2316", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 9000 RSA 2k-bit operations per second and 5 Gbps of bulk crypto." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2315", "Certificate Number": "2315", "Vendor Name": "Software House, a brand of Tyco Security Products", "Module Name": "iSTAR Ultra Door Controller", "Module Type": "Hardware", "Validation Date": "01/15/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2315.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2315", "detail_available": true, "module_name": "iSTAR Ultra Door Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iSTAR Ultra door controller is a powerful IP-edge access control device that provides a strong feature set for securing doors. The iSTAR Ultra controls up to 32 doors. The iSTAR Ultra records, encrypts, and stores all granted access events as well as alarm events of any unauthorized entry. The iSTAR Ultra can be deployed individually or in clusters. The iSTAR Ultra features strong 256-bit AES network encryption between the controller and host, and between controllers within a cluster." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2314", "Certificate Number": "2314", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Security Library", "Module Type": "Software", "Validation Date": "01/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2314.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2314", "detail_available": true, "module_name": "Proofpoint Security Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module is a C++ language cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides a variety of cryptographic services (both approved as well as non-approved). The module can be executed on any general-purpose PC running Cent OS 5." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2313", "Certificate Number": "2313", "Vendor Name": "Oracle Corporation", "Module Name": "Acme Packet 4500", "Module Type": "Hardware", "Validation Date": "01/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2313.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2313", "detail_available": true, "module_name": "Acme Packet 4500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Acme Packet 4500 is a one rack unit (1U) platform that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications -- voice, video, and application data sessions -- across Internet Protocol (IP) network borders.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2312", "Certificate Number": "2312", "Vendor Name": "Oracle Corporation", "Module Name": "Acme Packet 3820", "Module Type": "Hardware", "Validation Date": "01/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2312.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2312", "detail_available": true, "module_name": "Acme Packet 3820", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Acme Packet 3820 is a one rack unit (1U) platform that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications -- voice, video, and application data sessions -- across Internet Protocol (IP) network borders.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2311", "Certificate Number": "2311", "Vendor Name": "SecuTech Solutions PTY LTD", "Module Name": "UniMate USB/TRRS PKI Token", "Module Type": "Hardware", "Validation Date": "01/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2311.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2311", "detail_available": true, "module_name": "UniMate USB/TRRS PKI Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The UniMate USB/TRRS (Audio Port) PKI token is a hardware cryptographic module. It provides digital signature generation/verification for online authentications and data encryption/decryption for online transactions. The user's private and public key pairs can be generated and stored on the embedded chip within the UniMate cryptographic module. The private key can never be exported. UniMate provides the USB interface and audio port (TRRS) that can connect the module to a computer and smart mobile device. The UniMate implements type A USB 1.1 specifications and USB CCID protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2310", "Certificate Number": "2310", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® FCX 624/648, ICX ™ 6610, ICX 6450, ICX 6650, ICX 7750 and SX 800/1600 Series", "Module Type": "Hardware", "Validation Date": "01/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2310.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2310", "detail_available": true, "module_name": "Brocade® FCX 624/648, ICX ™ 6610, ICX 6450, ICX 6650, ICX 7750 and SX 800/1600 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed and with the configurations in Tables 4, 12 and 13 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FastIron SX series chassis devices are modular switches that provide the enterprise network with a complete end-to-end Enterprise LAN solution. The ICX 6610 series is an access layer Gigabit Ethernet switch designed from the ground up for the enterprise data center environment. Brocade ICX 6450 switches provide enterprise-class stackable LAN switching solutions to meet the growing demands of campus networks. The Brocade ICX 6650 Switch is a compact Ethernet switch that delivers industry-leading 10/40 GbE density, and the Brocade ICX 7750 is a 10/40 GbE Ethernet switch.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2309", "Certificate Number": "2309", "Vendor Name": "Software House, a brand of Tyco Security Products", "Module Name": "iSTAR Edge Door Controller", "Module Type": "Hardware", "Validation Date": "01/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2309.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2309", "detail_available": true, "module_name": "iSTAR Edge Door Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iSTAR Edge door controller is a powerful IP-edge access control device that provides a strong feature set for securing doors. The iSTAR Edge controls up to four doors. The iSTAR Edge records, encrypts, and stores all granted access events as well as alarm events of any unauthorized entry. The iSTAR Edge can be deployed individually or in clusters. The iSTAR Edge features strong 256-bit AES network encryption between the controller and host, and between controllers within a cluster." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2308", "Certificate Number": "2308", "Vendor Name": "SAP AG", "Module Name": "SAP NW SSO 2.0 Secure Login Library Crypto Kernel", "Module Type": "Software", "Validation Date": "01/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2308.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2308", "detail_available": true, "module_name": "SAP NW SSO 2.0 Secure Login Library Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SAP NW SSO 2.0 Secure Login Library Crypto Kernel v2.0.0.1.32 is a shared library, i.e. it consists of software only. SAP NW SSO 2.0 Secure Login Library Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions.", "algorithms": [ "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2307", "Certificate Number": "2307", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "DataTraveler DT4000 G2 Series USB Flash Drive", "Module Type": "Hardware", "Validation Date": "01/06/201511/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2307.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2307", "detail_available": true, "module_name": "DataTraveler DT4000 G2 Series USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Kingston's DataTraveler DT4000 G2 Series USB Flash Drive is assembled in the US for organizations that require a secure way to store and transfer portable data. The stored data is secured by hardware-based AES-256 encryption to guard sensitive information in case the drive is lost or stolen." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2306", "Certificate Number": "2306", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-945 AirGuard iMesh Wireless Gateway Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/06/201506/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2306.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2306", "detail_available": true, "module_name": "3e-945 AirGuard iMesh Wireless Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "3e-945 AirGuard iMesh Wireless Gateway Cryptographic Module provides secured ISA 100.11a wireless communication services. Acting as industrial access point, it enables connectivity between remote field devices to securely relay process monitoring, automation, and network data securely back to the network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2305", "Certificate Number": "2305", "Vendor Name": "Barco n.v.", "Module Name": "Barco ICMP", "Module Type": "Hardware", "Validation Date": "12/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2305.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2305", "detail_available": true, "module_name": "Barco ICMP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Barco digital cinema image and DCI media processing module.", "algorithms": [ "AES", "CVL", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2304", "Certificate Number": "2304", "Vendor Name": "Accellion, Inc.", "Module Name": "Accellion kiteworks Cryptographic Module", "Module Type": "Software", "Validation Date": "12/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2304.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2304", "detail_available": true, "module_name": "Accellion kiteworks Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Accellion kiteworks Cryptographic Module is a key component of Accellion's kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2303", "Certificate Number": "2303", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV-C on Cosmo V8", "Module Type": "Hardware", "Validation Date": "12/24/201403/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2303.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2303", "detail_available": true, "module_name": "ID-One PIV-C on Cosmo V8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip with Built-in PIV application, Opacity Secure messaging and fingerprint On-Card-Comparison (OCC).", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "KAS", "KDF", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2302", "Certificate Number": "2302", "Vendor Name": "SecureMetric Technology Sdn. Bhd.", "Module Name": "ST3 ACE Token", "Module Type": "Hardware", "Validation Date": "01/09/201505/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2302.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2302", "detail_available": true, "module_name": "ST3 ACE Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "ST3 ACE Token is a USB token containing SECUREMETRIC¦s own SECUREMETRIC-FIPS-COS cryptographic operating system. The SECUREMETRIC -FIPS-COS is embedded in an ST23YT66 Integrated Circuit (IC) chip and has been developed to support SECUREMETRIC¦s USB token. ST3 ACE Token is a secure microprocessor smart chip based USB token that work as a miniature cryptography computer designed for strong 2-Factor Authentication (2FA) and identification to support network login, secure online transaction, digital signatures and sensitive data protection.", "algorithms": [ "AES", "DES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2301", "Certificate Number": "2301", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "IOS Common Cryptographic Module (IC2M)", "Module Type": "Firmware", "Validation Date": "12/18/201406/12/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2301.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2301", "detail_available": true, "module_name": "IOS Common Cryptographic Module (IC2M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2300", "Certificate Number": "2300", "Vendor Name": "RSA", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "12/16/201412/21/201501/19/201601/22/201602/12/201601/18/201708/11/201701/29/201807/29/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2300.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2300", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2299", "Certificate Number": "2299", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "12/15/201403/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2299.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2299", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2298", "Certificate Number": "2298", "Vendor Name": "Ultra Electronics AEP", "Module Name": "Advanced Configurable Cryptographic Environment (ACCE) v3 HSM Crypto Module", "Module Type": "Hardware", "Validation Date": "01/08/201505/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2298.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2298", "detail_available": true, "module_name": "Advanced Configurable Cryptographic Environment (ACCE) v3 HSM Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy in Appendix A", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Advanced Configurable Cryptographic Environment (ACCE) v3 crypto module offers the next-generation security platform for managing cryptographic keys and protecting sensitive applications. It is used in the Keyper Plus hardware security module (HSM), which is designed for mission-critical applications that demand maximum security. It is ideally suited for companies that need secure key management for PKI certification authorities, registration authorities, OCSP responders, smart card issuers, web servers, DNSSEC and other applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2297", "Certificate Number": "2297", "Vendor Name": "Dell Software, Inc.", "Module Name": "SRA EX9000", "Module Type": "Hardware", "Validation Date": "12/12/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2297.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2297", "detail_available": true, "module_name": "SRA EX9000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Mobile enterprises with hundreds or even thousands of mobile users can enjoy secure, easy-to-manage remote access with the Dell SonicWALL Aventail® E-Class Secure Remote Access (SRA) EX9000 appliance. This clientless SSL VPN solution increases user productivity and maximizes IT control by providing authorized access to any application from a broad range of cross-platform devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2296", "Certificate Number": "2296", "Vendor Name": "Dell Software, Inc.", "Module Name": "SRA EX6000 and SRA EX7000", "Module Type": "Hardware", "Validation Date": "12/12/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2296.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2296", "detail_available": true, "module_name": "SRA EX6000 and SRA EX7000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Built on Aventail's powerful, proven SSL VPN platform, the Dell SonicWALL Aventail SRA EX6000 and SRA EX7000 appliances provide granular access control for any type of remote access by first detecting the identity and the security of the end point, protecting applications with granular policy based on who the user is and the trust established for the end point used for access, and then connecting authorized employees and business partners effortlessly from a broad range of cross-platform devices only to authorized resources." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2295", "Certificate Number": "2295", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch and 7800 Extension Switch", "Module Type": "Hardware", "Validation Date": "12/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2295.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2295", "detail_available": true, "module_name": "Brocade® DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones, 6510 FC Switch, 6520 FC Switch and 7800 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 and 6520 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WAN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2294", "Certificate Number": "2294", "Vendor Name": "RSA", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "12/12/201412/21/201501/19/201601/22/201602/12/201601/18/201708/11/201701/29/201807/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2294.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2294", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2293", "Certificate Number": "2293", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2293.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2293", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2292", "Certificate Number": "2292", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "RFS7000 Series Wireless Controller", "Module Type": "Hardware", "Validation Date": "12/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2292.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2292", "detail_available": true, "module_name": "RFS7000 Series Wireless Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RFS-7000 wireless switch is a highly scalable management platform for managing large multi-site distributed and campus wireless networks. The RFS-7000 can manage networks of AP-7131N, AP-7161 and AP-7181 access points. Additionally, it provides functionality like centralized captive portal, centralized security (firewall, VPN) and high availability.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2291", "Certificate Number": "2291", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive FIPS 140-2 Module", "Module Type": "Hardware", "Validation Date": "12/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2291.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2291", "detail_available": true, "module_name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® TCG Opal SSC Self-Encrypting Drive FIPS 140-2 Module is embedded in Seagate Momentus® Thin Self-Encrypting Drives (SEDs). The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "DRBG", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2290", "Certificate Number": "2290", "Vendor Name": "Green Hills Software", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Software", "Validation Date": "12/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2290.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2290", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Green Hills Software ISS ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2289", "Certificate Number": "2289", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Wireless Access Point AP-7131N-GR", "Module Type": "Hardware", "Validation Date": "12/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2289.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2289", "detail_available": true, "module_name": "Wireless Access Point AP-7131N-GR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AP-7131-GR 802.11n Wireless Access Point delivers the high throughput, coverage, and resiliency required to build an all-wireless enterprise. The dual radio design provides simultaneous support for high-speed wireless voice and data services, self-healing mesh networking and non-data applications such as Motorola's Wireless IPS.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2288", "Certificate Number": "2288", "Vendor Name": "IBM® Corporation", "Module Name": "IBM Security QRadar FIPS Appliance", "Module Type": "Hardware", "Validation Date": "12/03/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2288.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2288", "detail_available": true, "module_name": "IBM Security QRadar FIPS Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "IBM(R) Security QRadar(R) FIPS Appliance consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. The IBM Security QRadar FIPS Appliance provides a secure platform that meets FIPS 140-2 Level 2 requirements while allowing organizations to meet current and emerging compliance mandates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2287", "Certificate Number": "2287", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "Module Type": "Hardware", "Validation Date": "12/03/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2287.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2287", "detail_available": true, "module_name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2286", "Certificate Number": "2286", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe®, Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "Module Type": "Hardware", "Validation Date": "12/03/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2286.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2286", "detail_available": true, "module_name": "Brocade® MLXe®, Brocade® NetIron® CER 2000 Ethernet Routers and Brocade CES 2000 Routers and Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 8, 13 and 17 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high-performance Ethernet edge routing and MPLS applications. The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor. The Brocade MLXe Series routers feature industry-leading 100 Gigabit Ethernet (GbE), 10 GbE, and 1 GbE wire-speed density.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2285", "Certificate Number": "2285", "Vendor Name": "Ultra Electronics DNE Technologies", "Module Name": "PacketAssure iQ1000", "Module Type": "Hardware", "Validation Date": "12/03/201412/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2285.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2285", "detail_available": true, "module_name": "PacketAssure iQ1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Ultra Electronics DNE Technologies PacketAssure iQ1000 is a rugged, one 19\" rack unit Service Delivery Management (SDM) network appliance. It integrates IP adaptation for legacy circuit based traffic with high-performance layer-2 IP switching and intelligent IP quality of service, allowing the user to precisely classify/manage their voice, video and data services.", "algorithms": [ "AES", "DSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2284", "Certificate Number": "2284", "Vendor Name": "whiteCryption Corporation", "Module Name": "whiteCryption Secure Key Box 4.6.0 Crypto Module", "Module Type": "Software", "Validation Date": "12/03/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2284.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2284", "detail_available": true, "module_name": "whiteCryption Secure Key Box 4.6.0 Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB's unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments.", "algorithms": [ "AES", "CVL", "DRBG", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2283", "Certificate Number": "2283", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "12/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2283.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2283", "detail_available": true, "module_name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 2, 3, 4, 5, 6, and 7 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade VDX 8770 Switch is designed to scale out Brocade VCS fabrics and support complex environments with dense virtualization and dynamic automation requirements. The VDX 6710, VDX 6720, VDX 6730 are Gigabit Ethernet routing switches that provides secure network services and network management. The Brocade VDX 6740 and VDX 6740T are a next generation fixed form factor VCS enabled 10 Gb/40 Gb Ethernet fabric switch for ToR fabric deployments.", "algorithms": [ "AES", "CVL", "DES", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2282", "Certificate Number": "2282", "Vendor Name": "Infotecs", "Module Name": "ViPNet Common Crypto Core", "Module Type": "Software", "Validation Date": "11/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2282.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2282", "detail_available": true, "module_name": "ViPNet Common Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 9", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications such as ViPNet Network Manager, ViPNet Client for Windows, ViPNet Client for Android, ViPNet Coordinator for Windows, ViPNet Coordinator for Linux, ViPNet Coordinator HW/VA. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2281", "Certificate Number": "2281", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe® and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches", "Module Type": "Hardware", "Validation Date": "11/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2281.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2281", "detail_available": true, "module_name": "Brocade® MLXe® and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 8, 13 and 17 as defined in the Security Policy. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high-performance Ethernet edge routing and MPLS applications. These fixed-form routers can store a complete Internet table and are ideal for supporting a wide range of applications in Metro Ethernet, data center, and campus networks. The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor. These fixed-form 10 GbE-capable 1U switches offer deep buffers and are ideal for Carrier Ethernet service delivery at the network ed", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2280", "Certificate Number": "2280", "Vendor Name": "Kanguru Solutions", "Module Name": "KDH3000-CM", "Module Type": "Hardware", "Validation Date": "11/14/201407/24/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2280.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2280", "detail_available": true, "module_name": "KDH3000-CM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module is a ruggedized, opaque, tamper-resistant USB disk encryption/file encryption device that connects to an external general purpose computer (GPC) outside of its cryptographic boundary to service as a secure peripheral storage device for the GPC. The module is a self-contained device that automatically encrypts and decrypts data copied to and from the drive from the externally connected GPC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2279", "Certificate Number": "2279", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® FCX 624/648, ICX™ 6610, ICX 6450, ICX 6650 and SX 800/1600 Series", "Module Type": "Hardware", "Validation Date": "11/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2279.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2279", "detail_available": true, "module_name": "Brocade® FCX 624/648, ICX™ 6610, ICX 6450, ICX 6650 and SX 800/1600 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 4, 10 and 11 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FastIron SX series chassis devices are modular switches that provide the enterprise network with a complete end-to-end Enterprise LAN solution. The ICX 6610 series is an access layer Gigabit Ethernet switch designed from the ground up for the enterprise data center environment. Brocade ICX 6450 switches provide enterprise-class stackable LAN switching solutions to meet the growing demands of campus networks. The Brocade ICX 6650 Switch is a compact Ethernet switch that delivers industry-leading 10/40 GbE density.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2278", "Certificate Number": "2278", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4451-X Integrated Services Router (ISR) (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "Module Type": "Hardware", "Validation Date": "11/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2278.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2278", "detail_available": true, "module_name": "Cisco 4451-X Integrated Services Router (ISR) (with PVDM4-32, PVDM4-64, PVDM4-128 and PVDM4-256)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Integrated Services Routers (ISRs) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "KAS", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2277", "Certificate Number": "2277", "Vendor Name": "ND SatCom Products GmbH", "Module Name": "SKYWAN Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/07/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2277.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2277", "detail_available": true, "module_name": "SKYWAN Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "ND SatCom FIPS Module, a multichip embedded hardware engine providing AES256 encryption services for Ethernet & Frame-Relay/Serial data traffic and MF-TDMA control signaling for the ND SatCom SkyWAN 7000 Series Satellite modems. This module provides FIPS 140-2 Level 3 TRANSEC services adding no satellite bandwidth overhead." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2276", "Certificate Number": "2276", "Vendor Name": "Forcepoint", "Module Name": "Forcepoint NGFW Cryptographic Kernel Module", "Module Type": "Software", "Validation Date": "11/07/201410/18/201710/26/201711/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2276.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2276", "detail_available": true, "module_name": "Forcepoint NGFW Cryptographic Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Forcepoint NGFW Cryptographic Kernel Module is a software module that provides cryptographic services required by the Forcepoint NGFW product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2275", "Certificate Number": "2275", "Vendor Name": "Xirrus, Inc.", "Module Name": "Xirrus XR Series Wi-Fi Products", "Module Type": "Hardware", "Validation Date": "11/04/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2275.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2275", "detail_available": true, "module_name": "Xirrus XR Series Wi-Fi Products", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Wireless networking equipment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2274", "Certificate Number": "2274", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "Module Type": "Hardware", "Validation Date": "11/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2274.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2274", "detail_available": true, "module_name": "VDX 6710, VDX 6720, VDX 6730, VDX 6740, VDX 6740T and VDX 8770 Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in Appendix A of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade VDX 8770 Switch is designed to scale out Brocade VCS fabrics and support complex environments with dense virtualization and dynamic automation requirements. The VDX 6710, VDX 6720, VDX 6730 are Gigabit Ethernet routing switches that provides secure network services and network management. The Brocade VDX 6740 and VDX 6740T are a next generation fixed form factor VCS enabled 10 Gb/40 Gb Ethernet fabric switch for ToR fabric deployments.", "algorithms": [ "AES", "CVL", "DES", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2273", "Certificate Number": "2273", "Vendor Name": "Qualcomm Technologies, Inc.", "Module Name": "QTI Cryptographic Module on Crypto 5 Core", "Module Type": "Software-Hybrid", "Validation Date": "11/04/201402/12/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2273.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2273", "detail_available": true, "module_name": "QTI Cryptographic Module on Crypto 5 Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "This cryptographic module implements block ciphers including AES, Triple-DES, hash functions SHA-1 and SHA-256, Message Authentication Code functions HMAC and CMAC and DRBG 800-90A." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2272", "Certificate Number": "2272", "Vendor Name": "Rambus Inc.", "Module Name": "VaultIP", "Module Type": "Hardware", "Validation Date": "10/24/201405/14/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2272.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2272", "detail_available": true, "module_name": "VaultIP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a 'Root of Trust' to support a TEE-based platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2271", "Certificate Number": "2271", "Vendor Name": "Digicine Oristar Technology Development (Beijing) Co., Ltd.", "Module Name": "AQ42-M", "Module Type": "Hardware", "Validation Date": "10/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2271.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2271", "detail_available": true, "module_name": "AQ42-M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "AQ42-M is a hardware security module that provides decryption, decoding/encoding of audio/video data for the digital cinema projector system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2270", "Certificate Number": "2270", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs)", "Module Type": "Hardware", "Validation Date": "10/22/201406/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2270.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2270", "detail_available": true, "module_name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco ONS 15454 Multiservice Transport Platform (MSTP) is the most deployed metropolitan-area (metro) and regional dense wavelength division multiplexing (DWDM) solution in the world featuring two- through eight-degree reconfigurable optical add/drop multiplexer (ROADM) technology that enables wavelength provisioning across entire networks and eliminates the need for optical-to-electrical-to-optical (OEO) transponder conversions.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2269", "Certificate Number": "2269", "Vendor Name": "Globo Plc", "Module Name": "Globo Plc Server Cryptographic Module", "Module Type": "Software", "Validation Date": "10/16/201412/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2269.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2269", "detail_available": true, "module_name": "Globo Plc Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Globo Plc Server Cryptographic Module provides cryptographic functions for server-side component of enterprise mobility products from Globo Plc.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2268", "Certificate Number": "2268", "Vendor Name": "Globo Plc", "Module Name": "Globo Plc Mobile Cryptographic Module", "Module Type": "Software", "Validation Date": "10/16/201412/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2268.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2268", "detail_available": true, "module_name": "Globo Plc Mobile Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Globo Plc Mobile Cryptographic Module provides cryptographic functions for mobile components of enterprise mobility products from Globo Plc.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2267", "Certificate Number": "2267", "Vendor Name": "Yubico Inc.", "Module Name": "Yubico YubiKey Standard and YubiKey Nano", "Module Type": "Hardware", "Validation Date": "10/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2267.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2267", "detail_available": true, "module_name": "Yubico YubiKey Standard and YubiKey Nano", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The YubiKey and YubiKey Nano are two-factor authentication devices supporting OATH-HOTP as well as the Yubico OTP algorithm. The devices are connected via the USB ports and emulate a generic USB keyboard to allow a true driver-less installation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2266", "Certificate Number": "2266", "Vendor Name": "Digicine Oristar Technology Development (Beijing) Co., Ltd.", "Module Name": "CHN-II", "Module Type": "Hardware", "Validation Date": "10/10/201404/17/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2266.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2266", "detail_available": true, "module_name": "CHN-II", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Oristar's Integrated Media Block (IMB) product with its model number CHN-II supports 2K/4K JPEG-2000 image decoding for theatrical playback in Digital Cinemas." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2265", "Certificate Number": "2265", "Vendor Name": "HealthStackIO Inc.", "Module Name": "HealthStackIO Platform Cryptographic Module", "Module Type": "Software", "Validation Date": "10/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2265.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2265", "detail_available": true, "module_name": "HealthStackIO Platform Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cryptographic layer for HealthStackIO platform", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2264", "Certificate Number": "2264", "Vendor Name": "HGST, a Western Digital company", "Module Name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "10/10/201402/20/201508/07/201504/04/201612/19/201602/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2264.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2264", "detail_available": true, "module_name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar C15K600 series are 12Gbs SAS, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2263", "Certificate Number": "2263", "Vendor Name": "Utimaco IS GmbH", "Module Name": "SafeGuard® CryptoServer Se", "Module Type": "Hardware", "Validation Date": "10/07/201405/04/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2263.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2263", "detail_available": true, "module_name": "SafeGuard® CryptoServer Se", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SafeGuard® CryptoServer Se is an encapsulated, tamper-protected hardware security module which provides secure cryptographic services like encryption or decryption, hashing, signing and verification of data, random number generation, on-board secure key generation, key storage and further key management functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2262", "Certificate Number": "2262", "Vendor Name": "Toshiba Corporation", "Module Name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model)", "Module Type": "Hardware", "Validation Date": "10/01/201401/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2262.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2262", "detail_available": true, "module_name": "Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive (PX model)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Toshiba TCG Enterprise SSC Self-Encrypting Solid State Drive is used for solid state drive data security. This Cryptographic Module (CM) provides various cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA bands, and FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2261", "Certificate Number": "2261", "Vendor Name": "CipherCloud, Inc.", "Module Name": "Cryptographic Module for CipherCloud Gateway", "Module Type": "Software", "Validation Date": "10/01/201405/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2261.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2261", "detail_available": true, "module_name": "Cryptographic Module for CipherCloud Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Module enables all cryptographic operations performed by the CipherCloud Gateway. The CipherCloud Gateway is a software solution that organizations deploy within their network boundaries or delegate operation to a trusted third party. CipherCloud interfaces with clients (e.g., web browsers, mobile applications, APIs, etc.), and leverages format and operations preserving encryption technology to secure sensitive information in real time, before it's sent to cloud applications (e.g. web servers, API services, databases, etc.), without impacting usability or performance.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2260", "Certificate Number": "2260", "Vendor Name": "Zebra Technologies Corporation", "Module Name": "Fusion Wireless LAN Cryptographic Module for Android", "Module Type": "Software-Hybrid", "Validation Date": "09/30/201408/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2260.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2260", "detail_available": true, "module_name": "Fusion Wireless LAN Cryptographic Module for Android", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Fusion WLAN cryptomodule secures the WLAN radio for Android Jelly Bean based devices (e.g., MC40, MC67, MC32, and ET1) and Android KitKat based devices (e.g., MC40 and MC92). These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2259", "Certificate Number": "2259", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "09/26/201401/11/201703/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2259.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2259", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FN1620-NFBE2-G HSM adapter delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0 via an SFF-8639 connector. The adapter offers up to 30,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2258", "Certificate Number": "2258", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CS Series Encryptors", "Module Type": "Hardware", "Validation Date": "09/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2258.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2258", "detail_available": true, "module_name": "CS Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CS Series is a high performance encryption platform designed to secure data transmitted over 10 and 100Mbps Ethernet networks. The CS10 is a cost-effective, small form factor, encryptor for branch or remote office applications. The CS100 is a 19' rack mounted device suitable for point to point or multipoint connections and is ideally suited for central office operations. SafeNet, Inc. makes Senetas products available globally under a master distribution agreement and are co-branded as such." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2257", "Certificate Number": "2257", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG S500-10 [1] and S500-20 [2]", "Module Type": "Hardware", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2257.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2257", "detail_available": true, "module_name": "ProxySG S500-10 [1] and S500-20 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG physical and virtual appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2256", "Certificate Number": "2256", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG S400-20 [1], S400-30 [2] and S400-40 [3]", "Module Type": "Hardware", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2256.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2256", "detail_available": true, "module_name": "ProxySG S400-20 [1], S400-30 [2] and S400-40 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG physical and virtual appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2255", "Certificate Number": "2255", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "Secure Web Gateway Virtual Appliance-V100", "Module Type": "Software", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2255.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2255", "detail_available": true, "module_name": "Secure Web Gateway Virtual Appliance-V100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG physical and virtual appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2254", "Certificate Number": "2254", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle StorageTek T10000D Tape Drive", "Module Type": "Hardware", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2254.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2254", "detail_available": true, "module_name": "Oracle StorageTek T10000D Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The protocol SSH shall not be used when operated in the FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Oracle StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. The StorageTek T10000D Tape Drive delivers the world's fastest write speeds up to 8.5 TB of magnetic tape storage; making it ideal for data center operations with growing volumes. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Oracle Key Manager to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2253", "Certificate Number": "2253", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Nexus 7000 Series Switches", "Module Type": "Hardware", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2253.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2253", "detail_available": true, "module_name": "Nexus 7000 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Nexus 7000 is a highly scalable in the Data Center end-to-end 10 Gigabit Ethernet switch for mission-critical data center operations. The fabric architecture scales beyond 15 terabits per second (Tbps), with support for 40-Gbps and 100-Gbps Ethernet. Powered by Cisco NX-OS, a state of the art modular operating system, the platform is designed for exceptional scalability, continuous system operation, serviceability, and transport flexibility." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2252", "Certificate Number": "2252", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Nexus 7700 Series Switches", "Module Type": "Hardware", "Validation Date": "09/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2252.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2252", "detail_available": true, "module_name": "Nexus 7700 Series Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Nexus 7700 Switches are the latest extension to the Cisco Nexus 7700 Series modular switches. With more than 83 terabits per second (Tbps) of overall switching capacity, the Cisco Nexus 7700 Switches delivers the highest-capacity 10, 40, and 100 Gigabit Ethernet ports in the industry, with up to 768 native 10-Gbps ports, 384 40-Gbps ports, or 192 100-Gbps ports. This high system capacity is designed to meet the scalability requirements of the largest cloud environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2251", "Certificate Number": "2251", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE2", "Module Type": "Hardware", "Validation Date": "09/22/201401/26/201601/30/201706/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2251.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2251", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE2 provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2250", "Certificate Number": "2250", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE2", "Module Type": "Hardware", "Validation Date": "09/22/201401/25/201601/30/201706/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2250.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2250", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE2 provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2249", "Certificate Number": "2249", "Vendor Name": "Comtech Mobile Datacom Corporation", "Module Name": "Comtech Mobile Datacom Corporation Cryptographic Library (libcmscrypto)", "Module Type": "Software", "Validation Date": "09/22/201410/11/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2249.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2249", "detail_available": true, "module_name": "Comtech Mobile Datacom Corporation Cryptographic Library (libcmscrypto)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "libcmscrypto is a library implemented in the Comtech Mobile Datacom Corp. products and provides the basic cryptographic functionality that includes Advanced Encryption Standard (AES) algorithm, SHA1 message digest, HMAC SHA-1 Keyed-Hash message authentication code, and Triple-DES.", "algorithms": [ "AES", "DES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2248", "Certificate Number": "2248", "Vendor Name": "Accellion, Inc.", "Module Name": "Accellion Cryptographic Module", "Module Type": "Software", "Validation Date": "09/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2248.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2248", "detail_available": true, "module_name": "Accellion Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Accellion Cryptographic Module is a key component of Accellion's secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2247", "Certificate Number": "2247", "Vendor Name": "NXP Semiconductors", "Module Name": "NXP JCOP 2.4.2 R3", "Module Type": "Hardware", "Validation Date": "09/15/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2247.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2247", "detail_available": true, "module_name": "NXP JCOP 2.4.2 R3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A, P5CD016 V1A, P5CD145 V0B, P5CC145 V0B, and P5CD081 V1D.", "algorithms": [ "AES", "CVL", "DES", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2246", "Certificate Number": "2246", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA Service Module (SM)", "Module Type": "Hardware", "Validation Date": "09/12/201410/23/201401/15/201606/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2246.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2246", "detail_available": true, "module_name": "Cisco ASA Service Module (SM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA Service Module (SM) Adaptive Security Appliance provides comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2245", "Certificate Number": "2245", "Vendor Name": "EF Johnson Technologies", "Module Name": "Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "09/10/201404/24/201804/30/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2245.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2245", "detail_available": true, "module_name": "Subscriber Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The EFJohnson Subscriber Encryption Module (SEM) is a cryptographic module meeting FIPS 140-2, Level 1 requirements. The SEM provides Subscriber Equipment, such as the EFJohnson Technology VP600 series radio with secure encrypted voice communication. The SEM supports AES, RSA, HMAC, DRBG and SHA-256 FIPS Approved algorithms for voice communication and protection of its firmware. The SEM can be implemented into any Subscriber Equipment requiring FIPS 140-2, Level 1 security.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2244", "Certificate Number": "2244", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5921 Embedded Services Router (ESR)", "Module Type": "Software", "Validation Date": "09/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2244.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2244", "detail_available": true, "module_name": "Cisco 5921 Embedded Services Router (ESR)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco ESR 5921 Embedded Services Router is a software product that runs IOS 15.2(4)GC in an x86-based Linux host environment. The binary is a Router application which allows Linux software connections with virtual and physical Linux interfaces on the host hardware. The Cisco 5921 Embedded Services Router provides a secure, manageable device which meets FIPS 140-2 Level 1 requirements.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2243", "Certificate Number": "2243", "Vendor Name": "CybrSecurity Corporation", "Module Name": "GoldKey Security Token Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/10/201406/03/201906/06/201906/13/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2243.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2243", "detail_available": true, "module_name": "GoldKey Security Token Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Provides cryptographic algorithm implementation for GoldKey Products" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2242", "Certificate Number": "2242", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "X-ES XPedite5205 with Cisco IOS", "Module Type": "Hardware", "Validation Date": "09/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2242.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2242", "detail_available": true, "module_name": "X-ES XPedite5205 with Cisco IOS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The X-ES XPedite5205 is a high-performance, ruggedized router. With onboard hardware encryption, the XPedite5205 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The XPedite5205 provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 1 requirements. The XPedite5205 Router Card uses industrial-grade components and is optimized for harsh environments that require Cisco IOS Software routing technology.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2241", "Certificate Number": "2241", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5915 and 5940 Embedded Services Routers", "Module Type": "Hardware", "Validation Date": "09/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2241.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2241", "detail_available": true, "module_name": "Cisco 5915 and 5940 Embedded Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cisco 5915, 5940 are high-performance, ruggedized routers. With onboard hardware encryption, the Cisco 5915, 5940 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The Cisco 5915, 5940 Embedded Services Routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 1 requirements. The Cisco 5915, 5940 Router Cards use industrial-grade components and is optimized for harsh environments that require Cisco IOS Software routing technology.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2240", "Certificate Number": "2240", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series and PA-5000 Series Firewalls", "Module Type": "Hardware", "Validation Date": "09/08/201405/18/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2240.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2240", "detail_available": true, "module_name": "PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series and PA-5000 Series Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, and PA-5000 Series next-generation firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. This unique ability empowers customers to safely enable applications, make informed decisions on network access, and strengthen network security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2239", "Certificate Number": "2239", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Core Cryptographic Module (user)", "Module Type": "Software", "Validation Date": "10/16/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2239.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2239", "detail_available": true, "module_name": "McAfee Core Cryptographic Module (user)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee Core Cryptographic Module provides cryptographic functionality for McAfee's Endpoint Encryption product range." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2238", "Certificate Number": "2238", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Virtual Appliance for VMware", "Module Type": "Software", "Validation Date": "09/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2238.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2238", "detail_available": true, "module_name": "McAfee Firewall Enterprise Virtual Appliance for VMware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2237", "Certificate Number": "2237", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "Module Type": "Hardware", "Validation Date": "09/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2237.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2237", "detail_available": true, "module_name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2236", "Certificate Number": "2236", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100F, 2150F and 4150F", "Module Type": "Hardware", "Validation Date": "09/08/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2236.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2236", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100F, 2150F and 4150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section Secure Operation. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2235", "Certificate Number": "2235", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Email Gateway for Virtual Environments", "Module Type": "Software", "Validation Date": "11/04/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2235.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2235", "detail_available": true, "module_name": "McAfee Email Gateway for Virtual Environments", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, performance reporting, and simplified administration. By combining local network information with global reputation intelligence from McAfee Global Threat Intelligence, it provides the most complete protection available against inbound threats, spam and malware. Its sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2234", "Certificate Number": "2234", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Email Gateway L2", "Module Type": "Hardware", "Validation Date": "09/05/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2234.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2234", "detail_available": true, "module_name": "McAfee Email Gateway L2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, performance reporting, and simplified administration. By combining local network information with global reputation intelligence from McAfee Global Threat Intelligence, it provides the most complete protection available against inbound threats, spam and malware. Its sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2233", "Certificate Number": "2233", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Email Gateway L1", "Module Type": "Hardware", "Validation Date": "09/05/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2233.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2233", "detail_available": true, "module_name": "McAfee Email Gateway L1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, performance reporting, and simplified administration. By combining local network information with global reputation intelligence from McAfee Global Threat Intelligence, it provides the most complete protection available against inbound threats, spam and malware. Its sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2232", "Certificate Number": "2232", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi Unified Storage Encryption Module", "Module Type": "Hardware", "Validation Date": "09/05/201403/10/201602/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2232.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2232", "detail_available": true, "module_name": "Hitachi Unified Storage Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Hitachi Unified Storage Encryption Module provides high speed data at rest encryption for Hitachi storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2231", "Certificate Number": "2231", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "08/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2231.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2231", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN6000 Series is a high-speed hardware encryption platform that secures data over optical and twisted-pair Ethernet and Fibre Channel networks. Models validated are the CN6100 10G Ethernet operating at a line rate of 10Gb/s and the CN6040, Ethernet and FC selectable model operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is available on the CN6040 for applications that also demand authentication. Additionally TRANSEC transmission security capability can be used to remove patterns from network traffic to prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2230", "Certificate Number": "2230", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba RAP-155 and RAP-155P Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/28/201403/20/201501/27/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2230.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2230", "detail_available": true, "module_name": "Aruba RAP-155 and RAP-155P Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2229", "Certificate Number": "2229", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal mRevenector GB 2013", "Module Type": "Hardware", "Validation Date": "08/28/201409/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2229.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2229", "detail_available": true, "module_name": "Postal mRevenector GB 2013", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Francotyp-Postalia (FP) is one of the leading global suppliers of mail center solutions. A major component of the business of FP is the development, manufacture and support of postal franking machines (postage meters). These postal franking machines incorporate a postal security device (PSD) that performs all postage meter cryptographic and postal security functions and which protects both Critical Security Parameters (CSPs) and Postal Relevant Data Items (PRDIs) from unauthorized access. The Postal mRevenector GB 2013 is FP’s latest generation of PSD" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2228", "Certificate Number": "2228", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba RAP-5WN Remote Access Point", "Module Type": "Hardware", "Validation Date": "08/28/201403/20/201501/27/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2228.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2228", "detail_available": true, "module_name": "Aruba RAP-5WN Remote Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's RAP-5WN access point aggregates wired and wireless user traffic and forwards it to an Aruba Mobility Controller through a secure IPsec tunnel, using the public Internet or an optional 3G/4G WWAN service for backhaul. In the FIPS 140-2 mode of operation, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 standard along with optional Suite B cryptography for high-assurance applications. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2227", "Certificate Number": "2227", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba AP-92, AP-93, AP-104, AP-105 and AP-175 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/26/201403/20/201501/28/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2227.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2227", "detail_available": true, "module_name": "Aruba AP-92, AP-93, AP-104, AP-105 and AP-175 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2226", "Certificate Number": "2226", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba AP-134 and AP-135 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/26/201403/20/201501/29/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2226.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2226", "detail_available": true, "module_name": "Aruba AP-134 and AP-135 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2225", "Certificate Number": "2225", "Vendor Name": "Axway Inc.", "Module Name": "Axway Security Kernel", "Module Type": "Software", "Validation Date": "08/14/201409/12/201404/10/201506/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2225.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2225", "detail_available": true, "module_name": "Axway Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Axway Security Kernel is a software module that provides all security functionalities for several Axway products including the Axway Validation Authority Suite which is a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications. The suite supports established security standards and technologies and can be used together or integrated with existing solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2224", "Certificate Number": "2224", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "08/12/201403/20/201501/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2224.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2224", "detail_available": true, "module_name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy clause \"Installing the Controller\" and the 6000/M3 configured as specified in Security Policy clause \"Minimum Configuration for the Aruba 6000-400\"", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2223", "Certificate Number": "2223", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Core Cryptographic Module (kernel)", "Module Type": "Software", "Validation Date": "08/12/201403/17/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2223.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2223", "detail_available": true, "module_name": "McAfee Core Cryptographic Module (kernel)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee Core Cryptographic Module provides cryptographic functionality for McAfee's Endpoint Encryption product range." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2222", "Certificate Number": "2222", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN1000/CN3000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "08/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2222.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2222", "detail_available": true, "module_name": "CN1000/CN3000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN1000/CN3000 Series is a high-speed hardware encryption platform designed to secure data transmitted over Ethernet, Fibre Channel or SONET/SDH networks. The CN1000 Series supports line rates up to 4.25Gbps while the CN3000 extends the CN Series line rate capability to 10Gbps. SafeNet, Inc. makes Senetas products available globally under a master distribution agreement and are co-branded as such." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2221", "Certificate Number": "2221", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "Aruba 620 and 650 Mobility Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "08/07/201402/20/201501/20/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2221.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2221", "detail_available": true, "module_name": "Aruba 620 and 650 Mobility Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2220", "Certificate Number": "2220", "Vendor Name": "Guidance Software, Inc.", "Module Name": "Guidance Software EnCase Cryptographic Engine", "Module Type": "Software", "Validation Date": "08/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2220.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2220", "detail_available": true, "module_name": "Guidance Software EnCase Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with module Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module is the Guidance Software EnCase Cryptographic Engine, version 1.0, which is a software shared library that provides cryptographic services required by Guidance Software host applications.", "algorithms": [ "AES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2219", "Certificate Number": "2219", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Cryptographic Module", "Module Type": "Software", "Validation Date": "08/07/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2219.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2219", "detail_available": true, "module_name": "Symantec Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Cryptographic Module is a software module with a multi-chip standalone embodiment. The overall security level of the module is 1. SymCrypt is implemented in the C programming language and consists of a shared library that is linked with SSIM application components. It is designed to execute on a host system with a General Purpose Computer (GPC) hardware platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2218", "Certificate Number": "2218", "Vendor Name": "Tripwire, Inc.", "Module Name": "Tripwire Cryptographic Module", "Module Type": "Software", "Validation Date": "08/07/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2218.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2218", "detail_available": true, "module_name": "Tripwire Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Tripwire Cryptographic Module supports many FIPS approved cryptographic operations, providing other Tripwire products and Java-based applications access to these algorithms via the standard Java Cryptographic Extension (JCE) framework." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2217", "Certificate Number": "2217", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE(R) Crypto-C Micro Edition", "Module Type": "Software-Hybrid", "Validation Date": "09/08/201402/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2217.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2217", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2216", "Certificate Number": "2216", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Network Router (MNR) S6000", "Module Type": "Hardware", "Validation Date": "07/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2216.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2216", "detail_available": true, "module_name": "Motorola Network Router (MNR) S6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MNR S6000 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S6000 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S6000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2215", "Certificate Number": "2215", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola GGM 8000 Gateway", "Module Type": "Hardware", "Validation Date": "07/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2215.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2215", "detail_available": true, "module_name": "Motorola GGM 8000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "GGM 8000 devices are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, GGM 8000 perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal packet forwarding functions, the GGM 8000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2214", "Certificate Number": "2214", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "07/31/201408/29/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2214.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2214", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2213", "Certificate Number": "2213", "Vendor Name": "Sony Corporation", "Module Name": "Aspen", "Module Type": "Hardware", "Validation Date": "07/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2213.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2213", "detail_available": true, "module_name": "Aspen", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Aspen is a hardware security module that provides decryption, decoding/encoding of audio/video data for the digital cinema projector system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2212", "Certificate Number": "2212", "Vendor Name": "United States Special Operations Command (USSOCOM)", "Module Name": "Suite B Cryptographic Module", "Module Type": "Software", "Validation Date": "07/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2212.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2212", "detail_available": true, "module_name": "Suite B Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1335 operating in FIPS mode or BlackBerry Cryptographic Kernel validated to FIPS 140-2 under Cert. #1669 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2211", "Certificate Number": "2211", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2211.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2211", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2210", "Certificate Number": "2210", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-636M CyberFence Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/11/201403/29/201604/14/201603/20/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2210.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2210", "detail_available": true, "module_name": "3e-636M CyberFence Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "3e-636M CyberFence module is a high speed information assurance device that combines together a number of different capabilities to create a tailored cyber defense. Acting as an IPsec client or gateway, the module authenticates the IPsec peer using IKEv2 negotiation. It provides further data integrity and confidentiality using the ESP mode of the IPsec. AES with 128/192/256 bits key is used for network data encryption while SHS, CCM or GCM is used for data integrity. The module also implements access control, 802.1X port authentication and deep data packet inspection functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2209", "Certificate Number": "2209", "Vendor Name": "Western Digital Corporation", "Module Name": "Verdi Self Encrypting Drive (SED)", "Module Type": "Hardware", "Validation Date": "07/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2209.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2209", "detail_available": true, "module_name": "Verdi Self Encrypting Drive (SED)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "A WDC Verdi product is a storage device that supports the Trusted Computing Group security protocol as defined by the TCG Enterprise SSC ( a set of security features that manage self encrypting drive functionality).", "algorithms": [ "DRBG" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2208", "Certificate Number": "2208", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN Series Ethernet Encryptors", "Module Type": "Hardware", "Validation Date": "07/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2208.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2208", "detail_available": true, "module_name": "CN Series Ethernet Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN4010 and CN6010 are high-speed hardware encryption modules that secure data over twisted-pair Ethernet and optical networks. The modules support data rates to 1Gb/s and 100Mb/s and 10Mb/s modes. The CN6010 is additionally equipped with pluggable SFPs to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CFB and CTR algorithms as well as GCM for applications that demand authentication. Additional transmission security is provided via TRANSEC capability which can be used to remove patterns in network traffic and prevent traffic analysis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2207", "Certificate Number": "2207", "Vendor Name": "Gemalto", "Module Name": "MultiApp V3 Platform", "Module Type": "Hardware", "Validation Date": "07/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2207.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2207", "detail_available": true, "module_name": "MultiApp V3 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "MultiApp V3.0 is a highly secured smartcard platform from Gemalto complying with Javacard 2.2.2 and GP 2.1.1 standards and operated on the SLE78 chip from Infineon. This field-proven OS has the largest number of references in national ID programs. Its cryptographic library implements TDES, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and RNG ANSX9.31 algorithms. This modular and flexible platform serves various needs, enabling ePassport, secure data storage, identification, authentication and digital signature with biometry control.", "algorithms": [ "AES", "CVL", "DES", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2206", "Certificate Number": "2206", "Vendor Name": "Aviat Networks, Inc.", "Module Name": "Aviat Networks Eclipse Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/09/201407/24/201408/29/201407/06/201511/18/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2206.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2206", "detail_available": true, "module_name": "Aviat Networks Eclipse Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. Installation of components shall be configured per Section 2.2.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "This cryptographic module performs encryption of data carried over a microwave radio link." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2205", "Certificate Number": "2205", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe® and Brocade NetIron® CER 2000 Series Ethernet Routers", "Module Type": "Hardware", "Validation Date": "07/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2205.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2205", "detail_available": true, "module_name": "Brocade® MLXe® and Brocade NetIron® CER 2000 Series Ethernet Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 8 and 12 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade MLXe series of core routers support IPv4, IPv6, MPLS and advanced Layer 2 switching. Ideally suited for service provider backbones, Metro Ethernet networks, ISPs, CDNs, IXPs, data centers, and distributed enterprises. The NetIron CER 2000 series 1 Gigabit Ethernet (GbE) routers support copper and hybrid fiber configurations with two optional 10 GbE uplink ports. All the ports support forwarding IP and MPLS packets at wire speed without oversubscription. The routers support standard IPv4, IPv6 routing protocols, RIP/RIPng, OSPF/OSPFv3, IS-IS/IS-IS for IPv6, and BGP/BGP-MP for IPv6.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2204", "Certificate Number": "2204", "Vendor Name": "Feitian Technologies Co., Ltd.", "Module Name": "ePass Token", "Module Type": "Hardware", "Validation Date": "07/07/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2204.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2204", "detail_available": true, "module_name": "ePass Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ePass Token, is a USB token containing FEITIAN's own FEITIAN-FIPS-COS cryptographic operating system. The FEITIAN-FIPS-COS is embedded in an ST23YT66 Integrated Circuit (IC) chip and has been developed to support FEITIAN's ePass USB token. The ePass token is designed to provide strong authentication and identification and to support network login, secure online transactions, digital signatures, and sensitive data protection. FEITIAN's ePass token guarantees safety of its cryptographic IC chip and other components with its hard, semi-transparent, polycarbonate shell.", "algorithms": [ "AES", "DES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2203", "Certificate Number": "2203", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "07/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2203.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2203", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Royal Mail Mailmark and other international postal authorities' specification. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2202", "Certificate Number": "2202", "Vendor Name": "Gemalto", "Module Name": "IDPrime MD 830 with OATH & MPCOS applets", "Module Type": "Hardware", "Validation Date": "07/07/201408/04/201604/03/201805/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2202.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2202", "detail_available": true, "module_name": "IDPrime MD 830 with OATH & MPCOS applets", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDPrime MD 830 is a Minidriver enabled PKI smartcard, offering all the necessary services (with either RSA or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure. In addition, OATH applet offers One Time Password based strong authentication while MPCOS offers e-purse and data management services.", "algorithms": [ "AES", "DES", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2201", "Certificate Number": "2201", "Vendor Name": "IBM® Corporation", "Module Name": "IBM System Storage TS1140 and TS1150 Tapes Drives – Machine Type 3592, Models E07 and E08", "Module Type": "Hardware", "Validation Date": "07/07/201405/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2201.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2201", "detail_available": true, "module_name": "IBM System Storage TS1140 and TS1150 Tapes Drives – Machine Type 3592, Models E07 and E08", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The TS1140 / 3592 E07 and TS1150/3592 E08 Tape Drives provides full line speed, fully validated, hardware implemented, AES 256-bit encryption and compression of customer data recorded to tape. It ensures data confidentiality in the event of a lost tape while also supporting additional cryptographic functions for authentication and secure transfer of key material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2200", "Certificate Number": "2200", "Vendor Name": "JVCKENWOOD Corporation", "Module Name": "Secure Cryptographic Module (SCM)", "Module Type": "Hardware", "Validation Date": "06/27/201409/12/201405/08/201511/23/201512/18/201506/21/201707/24/201702/06/201810/16/202007/29/2024", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2200.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2200", "detail_available": true, "module_name": "Secure Cryptographic Module (SCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Cryptographic Module (SCM) meets overall FIPS 140-2 Level 1 requirements providing KENWOOD radios secure and encrypted digital communication. The SCM supports 256 bit key AES encryption as well as DES encryption.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2199", "Certificate Number": "2199", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba AP-224 and AP-225 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "06/27/201403/20/201501/20/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2199.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2199", "detail_available": true, "module_name": "Aruba AP-224 and AP-225 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2198", "Certificate Number": "2198", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Enterprise SSC 1200 SSD Self-Encrypting Drive FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "06/27/201410/16/201402/13/201507/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2198.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2198", "detail_available": true, "module_name": "Seagate Secure® TCG Enterprise SSC 1200 SSD Self-Encrypting Drive FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® TCG Enterprise SSC Self-Encrypting Drive FIPS 140 Module is embodied in Seagate 1200 SSD SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2197", "Certificate Number": "2197", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG SG9000-20 [1], SG9000-20B [2], SG9000-30 [3] and SG9000-40 [4]", "Module Type": "Hardware", "Validation Date": "06/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2197.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2197", "detail_available": true, "module_name": "ProxySG SG9000-20 [1], SG9000-20B [2], SG9000-30 [3] and SG9000-40 [4]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2196", "Certificate Number": "2196", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG SG600-10 [1], SG600-20 [2] and SG600-35 [3]", "Module Type": "Hardware", "Validation Date": "06/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2196.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2196", "detail_available": true, "module_name": "ProxySG SG600-10 [1], SG600-20 [2] and SG600-35 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2195", "Certificate Number": "2195", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG SG900-10B [1], SG900-20 [2], SG900-30 [3], SG900-45 [4] and SG900-55 [5]", "Module Type": "Hardware", "Validation Date": "06/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2195.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2195", "detail_available": true, "module_name": "ProxySG SG900-10B [1], SG900-20 [2], SG900-30 [3], SG900-45 [4] and SG900-55 [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Blue Coat ProxySG appliances are the core of the Blue Coat’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging capabilities. The appliances also optimize web and internal application traffic through caching, bandwidth management, stream splitting, and protocol optimization for data, video, cloud and web applications.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2194", "Certificate Number": "2194", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "Blue Coat® Systems SSL Visibility Appliance", "Module Type": "Hardware", "Validation Date": "06/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2194.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2194", "detail_available": true, "module_name": "Blue Coat® Systems SSL Visibility Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to \"inspect\" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2193", "Certificate Number": "2193", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 250M and NSA 250MW", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2193.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2193", "detail_available": true, "module_name": "NSA 250M and NSA 250MW", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA Series: The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2192", "Certificate Number": "2192", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E10000 Series", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2192.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2192", "detail_available": true, "module_name": "NSA E10000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Management (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2191", "Certificate Number": "2191", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E8500 and NSA E8510", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2191.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2191", "detail_available": true, "module_name": "NSA E8500 and NSA E8510", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Management (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2190", "Certificate Number": "2190", "Vendor Name": "SonicWall, Inc.", "Module Name": "TZ 105, TZ 105W, TZ 205, TZ 205W, TZ 210, TZ 210W, TZ 215 and TZ 215W", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/201503/22/201606/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2190.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2190", "detail_available": true, "module_name": "TZ 105, TZ 105W, TZ 205, TZ 205W, TZ 210, TZ 210W, TZ 215 and TZ 215W", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SonicWALL's TZ Series is a high performance security platform that combines anti-virus, anti-spyware, intrusion prevention, content filtering, 3G connectivity and redundancy with 802.11 b/g/n wireless for an ultimate SMB security package. These solutions allow remote and branch offices to easily implement network protection from a wide spectrum of emerging threats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2189", "Certificate Number": "2189", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 4500 and NSA E5500", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2189.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2189", "detail_available": true, "module_name": "NSA 4500 and NSA E5500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA Series: The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2188", "Certificate Number": "2188", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 3500", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2188.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2188", "detail_available": true, "module_name": "NSA 3500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA Series: The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2187", "Certificate Number": "2187", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 220, NSA 220W and NSA 240", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2187.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2187", "detail_available": true, "module_name": "NSA 220, NSA 220W and NSA 240", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2186", "Certificate Number": "2186", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 2400 and NSA 2400MX", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2186.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2186", "detail_available": true, "module_name": "NSA 2400 and NSA 2400MX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2185", "Certificate Number": "2185", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E6500", "Module Type": "Hardware", "Validation Date": "06/25/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2185.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2185", "detail_available": true, "module_name": "NSA E6500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Managment (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2184", "Certificate Number": "2184", "Vendor Name": "Sonus Networks, Inc.", "Module Name": "SBC 5110 and 5210 Session Border Controllers", "Module Type": "Hardware", "Validation Date": "06/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2184.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2184", "detail_available": true, "module_name": "SBC 5110 and 5210 Session Border Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SBC 5110 and 5210 Session Border Controllers are high-performance air-cooled, 2U, IP encryption appliances that provide secure SIP-based communications with robust security, reduced latency, real-time encryption (VOIP signaling and media traffic), media transcoding, flexible SIP session routing & policy management.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2183", "Certificate Number": "2183", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey Workspace W700", "Module Type": "Hardware", "Validation Date": "06/25/201409/26/201401/16/201507/23/201503/08/201605/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2183.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2183", "detail_available": true, "module_name": "IronKey Workspace W700", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "IronKey Workspace W700 is a Secure USB 3.0 drive with 256-bit AES hardware encryption and PKI operations combined with strong, built-in password protection capabilities and a tamper-resistant metal housing to help you control user access to desktops, sensitive data and critical applications. IronKey Workspace W700 allows enterprise class device management features like policy updates, password recovery and remote kill features." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2182", "Certificate Number": "2182", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba RAP-3WN, RAP-3WNP, RAP-108, RAP-109, AP-114 and AP-115 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "06/20/201403/20/201501/27/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2182.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2182", "detail_available": true, "module_name": "Aruba RAP-3WN, RAP-3WNP, RAP-108, RAP-109, AP-114 and AP-115 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's 802.11n wired and wireless access points offer the highest performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2181", "Certificate Number": "2181", "Vendor Name": "VMware, Inc.", "Module Name": "VMware Java JCE (Java Cryptographic Extension) Module", "Module Type": "Software", "Validation Date": "06/20/201405/18/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2181.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2181", "detail_available": true, "module_name": "VMware Java JCE (Java Cryptographic Extension) Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VMware Java JCE (Java Cryptographic Extension) module is a versatile software library that implements FIPS-140-2 approved cryptographic services for VMware products and platforms.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2180", "Certificate Number": "2180", "Vendor Name": "VMware, Inc.", "Module Name": "VMware Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "06/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2180.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2180", "detail_available": true, "module_name": "VMware Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode with VMware NSS Cryptographic Module validated to FIPS 140-2 under Cert. #2155 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VMware Kernel Cryptographic Module is a flexible software library providing FIPS-140-2 approved cryptographic operations for VMware products and platforms.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2179", "Certificate Number": "2179", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS 4.0 MR3", "Module Type": "Firmware", "Validation Date": "06/20/201407/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2179.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2179", "detail_available": true, "module_name": "FortiOS 4.0 MR3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2178", "Certificate Number": "2178", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 650 SafeNet Encryptor", "Module Type": "Hardware", "Validation Date": "06/18/201401/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2178.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2178", "detail_available": true, "module_name": "Model 650 SafeNet Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks or 10G Ethernet networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network or 10G Ethernet network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2177", "Certificate Number": "2177", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 600 SafeNet Encryptor", "Module Type": "Hardware", "Validation Date": "06/18/201401/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2177.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2177", "detail_available": true, "module_name": "Model 600 SafeNet Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH or Ethernet networks. It employs FIPS approved AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in SONET 155 MB (OC-3), 622 MB (OC-12), 1.0 GB, and 2.4 GB (OC-48) networks or 200MB and 1GB Ethernet networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2176", "Certificate Number": "2176", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances", "Module Type": "Hardware", "Validation Date": "06/18/201408/29/201401/12/201603/02/201606/29/201608/15/201608/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2176.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2176", "detail_available": true, "module_name": "ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2175", "Certificate Number": "2175", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/17/201402/27/201507/05/201612/01/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2175.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2175", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2174", "Certificate Number": "2174", "Vendor Name": "Hewlett-Packard Development Company, L.P.", "Module Name": "HP BladeSystem Onboard Administrator Firmware", "Module Type": "Firmware", "Validation Date": "06/17/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2174.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2174", "detail_available": true, "module_name": "HP BladeSystem Onboard Administrator Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as indicated in the Security Policy in Section 3 and operated in FIPS mode.", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The module provides administrative control of HP BladeSystem c-Class enclosures. The cryptographic functions of the module provide security for administrative access via HTTPS and SSH, and to administrative commands for the BladeSystem enclosure.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2173", "Certificate Number": "2173", "Vendor Name": "Hewlett-Packard Development Company, L.P.", "Module Name": "iLO 3 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/17/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2173.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2173", "detail_available": true, "module_name": "iLO 3 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HP Integrated Lights-Out (iLO) management built into BladeSystem blade servers and storage blades is an autonomous management subsystem embedded directly on the server. iLO monitors each server’s overall \"health\", reports issues, and provides a means for setup and managing of power and thermal settings.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2172", "Certificate Number": "2172", "Vendor Name": "McAfee, Inc.", "Module Name": "NSM Application Cryptographic Module", "Module Type": "Software", "Validation Date": "06/17/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2172.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2172", "detail_available": true, "module_name": "NSM Application Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Network Security Manager (NSM) is a simple, centralized management software for distributed McAfee Network Security Platform intrusion prevention system (IPS) sensors. The NSM console with its intuitive graphical interface gives administrators complete control and real-time data, so that they can manage, configure, administer, and monitor all IPS appliances across widely distributed, mission-critical deployments. The NSM Application Crypto Module provides cryptographic services for the Network Security Manager application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2171", "Certificate Number": "2171", "Vendor Name": "HGST, Inc.", "Module Name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "Module Type": "Hardware", "Validation Date": "06/17/201407/17/201405/08/201502/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2171.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2171", "detail_available": true, "module_name": "HGST Ultrastar C15K600 TCG Enterprise HDDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar C15K600 series are 12Gbs SAS, TCG Enterprise HDDs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2170", "Certificate Number": "2170", "Vendor Name": "DragonWave Inc.", "Module Name": "DragonWave® Secure Cryptographic Module", "Module Type": "Firmware-Hybrid", "Validation Date": "06/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2170.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2170", "detail_available": true, "module_name": "DragonWave® Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Firmware-Hybrid", "embodiment": "Multi-chip standalone", "description": "The DragonWave® Secure Cryptographic Module is a hybrid cryptographic module consisting of firmware and hardware. The hardware portion of the module provides AES for bulk data encryption between two Horizon Compact+ or Horizon Quantum peer devices in a radio link, while the firmware provides cryptographic state management as well as secure peer-to-peer management communications over a protected TLS tunnel.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2169", "Certificate Number": "2169", "Vendor Name": "IBM® Corporation", "Module Name": "IBM LTO Generation 6 Encrypting Tape Drive", "Module Type": "Hardware", "Validation Date": "06/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2169.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2169", "detail_available": true, "module_name": "IBM LTO Generation 6 Encrypting Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IBM LTO Generation 6 Encrypting Tape Drive provides AES-GCM encryption of customer data recorded to tape. Both encryption and compression are implemented in the hardware for optimum performance. Four different host interface types of the LTO Generation 6 \"brick\" unit are FIPS certified as a multi-chip, standalone cryptographic module. In customer operation the \"brick\" unit may be embedded in bridge box or in a canister package for operation in a library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2168", "Certificate Number": "2168", "Vendor Name": "Tendyron Corporation", "Module Name": "OnKey193 USB Token", "Module Type": "Hardware", "Validation Date": "06/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2168.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2168", "detail_available": true, "module_name": "OnKey193 USB Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The OnKey193 USB Token provides RSA, TDES, AES, RNG cryptographic service for government and corporate identification, payment, banking and Web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2167", "Certificate Number": "2167", "Vendor Name": "Neopost Technologies, S.A.", "Module Name": "Neopost Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "06/11/201408/29/201409/18/201501/04/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2167.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2167", "detail_available": true, "module_name": "Neopost Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Neopost Postal Security Device (PSD) is a cryptographic module embedded within postal franking machines. The PSD performs all franking machine’s cryptographic and postal security functions and protects the Critical Security Parameters (CSPs) and Postal Relevant Data from unauthorized access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2166", "Certificate Number": "2166", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "Armada Mobile Processor", "Module Type": "Hardware", "Validation Date": "06/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2166.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2166", "detail_available": true, "module_name": "Armada Mobile Processor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Marvell’s ARMADA PXA2128 and ARMADA PXA610 are application processors (PXA2128 is multicore) ideally suited for smartphones and tablets that enable a seamless connected lifestyle. Designed in low-power 40-nanometer (nm) process and featuring the Marvell Hybrid Symmetric Multi-Processing (hSMP) technology, they provide new levels of secure internet and multimedia performance, while achieving industry-leading battery life. Featuring Marvell optimized ARMv7 dual high-performance mobile processors with hSMP running at up to 1.2GHz, the ARMADA PXA2128 and PXA610 provide robust 3D graphics, video," }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2165", "Certificate Number": "2165", "Vendor Name": "Ultra Electronics 3eTI", "Module Name": "3e-543 AirGuard iField Wireless Sensor Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2165.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2165", "detail_available": true, "module_name": "3e-543 AirGuard iField Wireless Sensor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "3eTI 543 Wireless Sensor Cryptographic Module provides network authentication and data encryption for IEEE 15.4 radio. This module enables the secured transportation of sensor data using AES_CCM over ISA 100.11a or WirelessHard wireless links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2164", "Certificate Number": "2164", "Vendor Name": "Nokia of America Corporation (NoAC)", "Module Name": "Nokia Secure Sockets Cryptographic Module", "Module Type": "Software", "Validation Date": "06/05/201412/31/201405/29/201509/30/201502/05/201612/15/201601/18/201707/03/201708/22/201706/12/201806/27/201812/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2164.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2164", "detail_available": true, "module_name": "Nokia Secure Sockets Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Nokia Secure Sockets Cryptographic Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2163", "Certificate Number": "2163", "Vendor Name": "MikroM GmbH", "Module Name": "MVC201", "Module Type": "Hardware", "Validation Date": "06/05/201407/24/201405/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2163.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2163", "detail_available": true, "module_name": "MVC201", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "MVC201 - Digital Cinema Image Media Block for integration into a TI Series 2 DLP Cinema projector" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2162", "Certificate Number": "2162", "Vendor Name": "Encryptics", "Module Name": "Encryptics® Cryptographic Library", "Module Type": "Software", "Validation Date": "05/28/201407/03/201406/16/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2162.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2162", "detail_available": true, "module_name": "Encryptics® Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with module Windows Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Certs. #1002, #1330, and #1337 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Encryptics Cryptographic Library underpins Encryptics technology and offers protection by industry-standard, government approved algorithms to ensure that only authorized users and authorized devices are allowed to access private information stored within the .SAFE package. Encryptics for Email and Encryptics Data Protection API both leverage the Encryptics .SAFE Library to ensure use of FIPS 140-2 validated cryptography.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2161", "Certificate Number": "2161", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100F, 2150F and 4150F", "Module Type": "Hardware", "Validation Date": "05/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2161.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2161", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100F, 2150F and 4150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section 3.1. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2160", "Certificate Number": "2160", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 819G-4G-A-K9, 819G-4G-V-K9, 819H-K9, 819G-S-K9, 819HG-4G-G-K9, 891, 881, 1905, 1921 and 1941 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "05/27/201408/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2160.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2160", "detail_available": true, "module_name": "Cisco 819G-4G-A-K9, 819G-4G-V-K9, 819H-K9, 819G-S-K9, 819HG-4G-G-K9, 891, 881, 1905, 1921 and 1941 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 800 and 1900 Series Integrated Services Routers are routers that provide collaborative business solutions for data communication to small businesses and enterprise teleworkers. They offer Metro Ethernet and multiple DSL technologies to provide business continuity. The routers provide the performance required for concurrent services, including firewall, intrusion prevention, content filtering, and encryption for VPNs for optimizing voice and video applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2159", "Certificate Number": "2159", "Vendor Name": "Comtech EF Data Corporation", "Module Name": "Unified Crypto Module", "Module Type": "Hardware", "Validation Date": "05/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2159.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2159", "detail_available": true, "module_name": "Unified Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Comtech Unified Crypto Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via Comtech Satellite Modems, as well as firmware to provide the cryptographic functions needed to act as a endpoint for secure TLS- and SSH-based management and control traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2158", "Certificate Number": "2158", "Vendor Name": "INSIDE Secure", "Module Name": "VaultIC405™, VaultIC421™, VaultIC441™", "Module Type": "Hardware", "Validation Date": "05/20/201405/08/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2158.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2158", "detail_available": true, "module_name": "VaultIC405™, VaultIC421™, VaultIC441™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The VaultIC405™, VaultIC421™ and VaultIC441™ is an Application Specific Standard Product (ASSP) designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2157", "Certificate Number": "2157", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Hybrid Module", "Module Type": "Software-Hybrid", "Validation Date": "05/20/201404/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2157.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2157", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Hybrid Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Suite B Hybrid Module (Software Version 5.5fi) is a hybrid, multi-chip standalone cryptographic module that runs on a general purpose computer. The primary purpose of this module is to provide FIPS Approved cryptographic routines to consuming applications via an Application Programming Interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2156", "Certificate Number": "2156", "Vendor Name": "Dell, Inc.", "Module Name": "Dell-CREDANT Cryptographic Kernel (Windows Kernel Mode) [1] and Dell-CREDANT Cryptographic Kernel (Windows User Mode) [2]", "Module Type": "Software", "Validation Date": "05/15/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2156.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2156", "detail_available": true, "module_name": "Dell-CREDANT Cryptographic Kernel (Windows Kernel Mode) [1] and Dell-CREDANT Cryptographic Kernel (Windows User Mode) [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CREDANT CmgCryptoLib (also known as CREDANT Cryptographic Kernel) is a FIPS 140-2 validated, software based cryptography library implementing AES, DRBG SP 800-90A [CTR], SHA-2 [256, 384, 512], HMAC [SHA-1 & SHA-2], and Triple-DES. CmgCryptoLib is used by commercial products including CREDANT Mobile Guardian (CMG) and Dell Data Protection Encryption (DDPE). CREDANT provides a centrally managed data protection platform for authentication, encryption, access controls and data recovery for laptops, desktops, removable media, smart phones, servers, network shares, cloud storage and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2155", "Certificate Number": "2155", "Vendor Name": "VMware, Inc.", "Module Name": "VMware NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "05/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2155.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2155", "detail_available": true, "module_name": "VMware NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VMware NSS Cryptographic Module is a software cryptographic library that provides FIPS 140-2 validated network security services to VMware products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2154", "Certificate Number": "2154", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100E, 2150E and 4150E", "Module Type": "Hardware", "Validation Date": "05/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2154.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2154", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100E, 2150E and 4150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section 3.1. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2153", "Certificate Number": "2153", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Virtual Appliance for Crossbeam", "Module Type": "Software", "Validation Date": "05/13/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2153.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2153", "detail_available": true, "module_name": "McAfee Firewall Enterprise Virtual Appliance for Crossbeam", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section 3.1. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2152", "Certificate Number": "2152", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2901, 2911, 2921, 2951, 3925, 3925E, 3945, 3945E and VG350 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "05/13/201408/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2152.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2152", "detail_available": true, "module_name": "Cisco 2901, 2911, 2921, 2951, 3925, 3925E, 3945, 3945E and VG350 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Integrated Services Routers (ISRs) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2151", "Certificate Number": "2151", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectV StartGuard", "Module Type": "Software", "Validation Date": "05/13/201401/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2151.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2151", "detail_available": true, "module_name": "ProtectV StartGuard", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "ProtectV StartGuard authorizes whether or not a virtual machine instance secured by SafeNet ProtectV can be launched. StartGuard enables a challenge response authentication mechanism to be inserted in the boot transition process when ProtectV is being started up, during the transition between the first to second phase of the boot process. StartGuard is configurable to suit customers’ security and privacy requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2150", "Certificate Number": "2150", "Vendor Name": "Dell, Inc.", "Module Name": "Dell-CREDANT Cryptographic Kernel (Mac Kernel Mode) [1], Dell-CREDANT Cryptographic Kernel (Mac User Mode) [2] and Dell-CREDANT Cryptographic Kernel (Linux User Mode) [3]", "Module Type": "Software", "Validation Date": "05/13/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2150.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2150", "detail_available": true, "module_name": "Dell-CREDANT Cryptographic Kernel (Mac Kernel Mode) [1], Dell-CREDANT Cryptographic Kernel (Mac User Mode) [2] and Dell-CREDANT Cryptographic Kernel (Linux User Mode) [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CREDANT CmgCryptoLib (also known as CREDANT Cryptographic Kernel) is a FIPS 140-2 validated, software based cryptography library implementing AES, DRBG SP 800-90A [CTR], SHA-2 [256, 384, 512], HMAC [SHA-1 & SHA-2], and Triple-DES. CmgCryptoLib is used by commercial products including CREDANT Mobile Guardian (CMG) and Dell Data Protection Encryption (DDPE). CREDANT provides a centrally managed data protection platform for authentication, encryption, access controls and data recovery for laptops, desktops, removable media, smart phones, servers, network shares, cloud storage and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2149", "Certificate Number": "2149", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]", "Module Type": "Hardware", "Validation Date": "05/13/201411/24/201508/07/201808/28/201801/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2149.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2149", "detail_available": true, "module_name": "nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2148", "Certificate Number": "2148", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]", "Module Type": "Hardware", "Validation Date": "05/13/201411/24/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2148.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2148", "detail_available": true, "module_name": "nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2147", "Certificate Number": "2147", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet LUNA® EFT", "Module Type": "Hardware", "Validation Date": "05/13/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2147.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2147", "detail_available": true, "module_name": "SafeNet LUNA® EFT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SafeNet LUNA® EFT is designed for Electronic Funds Transfer (EFT) and payment system processing environments, providing powerful end-to-end security for online banking transactions and applications for credit, debit, and chip cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2146", "Certificate Number": "2146", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 881W, 881GW, 1941W, 891W, C819HGW+7-A-A-K9, C819HGW-V-A-K9, C819HGW-S-A-K9, and C819HWD-A-K9 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "05/13/201408/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2146.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2146", "detail_available": true, "module_name": "Cisco 881W, 881GW, 1941W, 891W, C819HGW+7-A-A-K9, C819HGW-V-A-K9, C819HGW-S-A-K9, and C819HWD-A-K9 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 800 Series Integrated Services Routers are fixed-configuration routers that provide collaborative business solutions for data communication to small businesses and enterprise teleworkers. They offer wireless, Metro Ethernet, and multiple DSL technologies to provide business continuity. The routers provide the performance required for concurrent services, including firewall, intrusion prevention, content filtering, and encryption for VPNs for optimizing voice and video applications.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2145", "Certificate Number": "2145", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1941, 2901, 2911, 2921, 2951, 3925, 3945 Integrated Services Routers (ISRs) and ISM", "Module Type": "Hardware", "Validation Date": "05/13/201408/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2145.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2145", "detail_available": true, "module_name": "Cisco 1941, 2901, 2911, 2921, 2951, 3925, 3945 Integrated Services Routers (ISRs) and ISM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Integrated Services Routers (ISRs) are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options. The VPN ISM is a module for the ISRs that provides the capability to considerably increase performance for VPN encrypted traffic,", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2144", "Certificate Number": "2144", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3950B/3951B", "Module Type": "Hardware", "Validation Date": "05/06/201407/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2144.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2144", "detail_available": true, "module_name": "FortiGate-3950B/3951B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2143", "Certificate Number": "2143", "Vendor Name": "Dell, Inc.", "Module Name": "Dell AppAssure Crypto Library", "Module Type": "Software", "Validation Date": "05/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2143.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2143", "detail_available": true, "module_name": "Dell AppAssure Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Dell AppAssure Crypto Module provides data encryption functionality. The Module is a software component used by other software products to encrypt and decrypt data. The Module implements AES (Rijndael) CBC mode functions. Physically, the Module is a DLL file delivered with a file containing the DLL's digital signature." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2142", "Certificate Number": "2142", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "05/06/201402/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2142.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2142", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2141", "Certificate Number": "2141", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® FCX L2/L3 Switch and Brocade FastIron® SX Series L2/L3 Switch", "Module Type": "Hardware", "Validation Date": "05/06/201406/05/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2141.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2141", "detail_available": true, "module_name": "Brocade® FCX L2/L3 Switch and Brocade FastIron® SX Series L2/L3 Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 24-port and 48-port models of the Brocade FCX Series of switches support Power over Ethernet (PoE) and non-PoE applications. They are designed to meet today's enterprise campus and data center network wire-speed and non-blocking performance requirement. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS). The FastIron SX Series provides a scalable, secure, low-latency, and fault-tolerant IP services solution for 1 and 10 Gigabit Ethernet (GbE) enterprise deployments.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2140", "Certificate Number": "2140", "Vendor Name": "Uplogix, Inc.", "Module Name": "Uplogix 430 [1, a], 3200 [2, a], 500 [3, a, b] and 5000 [4, a b]", "Module Type": "Hardware", "Validation Date": "04/30/201405/20/201405/16/201705/16/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2140.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2140", "detail_available": true, "module_name": "Uplogix 430 [1, a], 3200 [2, a], 500 [3, a, b] and 5000 [4, a b]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Uplogix is a network independent management platform that locates with - and directly connects to - managed devices. Standing alone or augmenting existing centralized management tools, Uplogix provides configuration, performance and security management actions that are best performed locally. Local Management reduces operational costs, speeds problem resolution, and improves security and compliance versus centralized-only management. Our local focus on network device automation enables the transition to more network sensitive cloud and virtual infrastructure technologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2139", "Certificate Number": "2139", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/VM® Version 6 Release 3 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "04/30/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2139.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2139", "detail_available": true, "module_name": "IBM® z/VM® Version 6 Release 3 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "Module Description: z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2138", "Certificate Number": "2138", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Java Cryptographic Module", "Module Type": "Software", "Validation Date": "04/29/201407/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2138.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2138", "detail_available": true, "module_name": "Symantec Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This module contains the embedded module RSA BSAFE® Crypto-J Software Module validated to FIPS 140-2 under Cert. #1786 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Java Cryptographic Module provides a comprehensive set of cryptographic services for Symantec products including, but not limited to, the Symantec Data Loss Prevention Suite.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2137", "Certificate Number": "2137", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Vulnerability Manager Cryptographic Module", "Module Type": "Software", "Validation Date": "04/29/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2137.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2137", "detail_available": true, "module_name": "McAfee Vulnerability Manager Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee Vulnerability Manager Cryptographic Module scans specified targets for vulnerabilities and misconfiguration. It provides a management interface to configure the system and generate reports regarding the results of the scans.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2136", "Certificate Number": "2136", "Vendor Name": "Aruba a Hewlett Packard Enterprise Company", "Module Name": "Aruba 7200 Series Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "06/09/201403/20/201501/13/201607/06/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2136.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2136", "detail_available": true, "module_name": "Aruba 7200 Series Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2135", "Certificate Number": "2135", "Vendor Name": "AFORE Solutions Inc.", "Module Name": "CloudLink Crypto Module", "Module Type": "Software", "Validation Date": "04/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2135.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2135", "detail_available": true, "module_name": "CloudLink Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 9 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CloudLink Crypto Module is a general purpose cryptographic library which provides cryptographic services for all CloudLink application modules.", "algorithms": [ "DSA", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2134", "Certificate Number": "2134", "Vendor Name": "Harris Corporation", "Module Name": "RF-7800W Broadband Ethernet Radio", "Module Type": "Hardware", "Validation Date": "04/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2134.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2134", "detail_available": true, "module_name": "RF-7800W Broadband Ethernet Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RF-7800W(-OU47x,-OU49x,-OU50x) Broadband Ethernet Radio(BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system and is designed for long haul backbone systems. The BER operates in the 4.4 - 5.8 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training and simulation networks and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point and Point to Multipoint in the same platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2133", "Certificate Number": "2133", "Vendor Name": "SecureAgent® Software Inc.", "Module Name": "SecureAgent® Software Cryptographic Module", "Module Type": "Software", "Validation Date": "04/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2133.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2133", "detail_available": true, "module_name": "SecureAgent® Software Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureAgent® Software Cryptographic Module provides the core cryptographic services for several secure communications and controller systems designed and manufactured by SecureAgent® Software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2132", "Certificate Number": "2132", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 S", "Module Type": "Hardware", "Validation Date": "05/30/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2132.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2132", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2131", "Certificate Number": "2131", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 P", "Module Type": "Hardware", "Validation Date": "05/30/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2131.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2131", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2130", "Certificate Number": "2130", "Vendor Name": "Northrop Grumman M5 Network Security", "Module Name": "SCS Linux Kernel Cryptographic Services module", "Module Type": "Software", "Validation Date": "05/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2130.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2130", "detail_available": true, "module_name": "SCS Linux Kernel Cryptographic Services module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module OpenSSL FIPS Object Module V2 validated to FIPS 140-2 under Cert. #1747 operating in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A FIPS module that provides a C-language application program interface (API) for use by other processes that require cryptographic functionality within the SCS 100 and 200 hardware platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2129", "Certificate Number": "2129", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "RFS7000 SERIES Wireless Controller", "Module Type": "Hardware", "Validation Date": "04/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2129.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2129", "detail_available": true, "module_name": "RFS7000 SERIES Wireless Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RFS-7000 wireless switch is a highly scalable management platform for managing large multi-site distributed and campus wireless networks. The RFS-7000 can manage networks of AP-7131N, AP-7161 and AP-7181 access points. Additionally, it provides functionality like centralized captive portal, centralized security (firewall, VPN) and high availability.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2128", "Certificate Number": "2128", "Vendor Name": "Gigamon Inc.", "Module Name": "Gigamon Linux-Based Cryptographic Module", "Module Type": "Software", "Validation Date": "05/20/201410/23/201402/10/201601/18/202203/03/202210/14/202201/26/202310/02/202311/03/2023", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2128.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2128", "detail_available": true, "module_name": "Gigamon Linux-Based Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Gigamon Linux-Based Cryptographic Module provides cryptographic functions for Gigamon products and solutions.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2127", "Certificate Number": "2127", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "IDProtect Duo with LASER PKI", "Module Type": "Hardware", "Validation Date": "04/09/201405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2127.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2127", "detail_available": true, "module_name": "IDProtect Duo with LASER PKI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. No assurance of Secure Channel Protocol (SCP) message integrity", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "AES", "CVL", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2126", "Certificate Number": "2126", "Vendor Name": "Integral Memory PLC.", "Module Name": "Integral AES 256 Bit Crypto SSD Underlying PCB", "Module Type": "Hardware", "Validation Date": "04/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2126.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2126", "detail_available": true, "module_name": "Integral AES 256 Bit Crypto SSD Underlying PCB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Integral Crypto SSD is the Full Disk Encryption solution for Windows desktops and laptops. Featuring AES 256-bit Hardware Encryption so you can encrypt and protect your sensitive data and get the speed, reliability and power benefits of SSD. It comes in, 32 GB 64 GB 128 GB, 256 GB, 512 GB and 1TB SATA II & III versions. The devices feature an epoxy resin coating around both the circuit components and the printed circuit board (PCB)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2125", "Certificate Number": "2125", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ACT2Lite Module", "Module Type": "Hardware", "Validation Date": "04/09/201409/18/201509/30/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2125.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2125", "detail_available": true, "module_name": "ACT2Lite Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "ACT2-Lite (Anti-Counterfeit Technology 2 Lite) is the ACT family (ACT 1T, Quack 1 and 2) next generation. It is an ancillary security device containing product identity information and assertion functionality to support product identity for various usages including anti-counterfeit functionality as well as other security functionality to be used across many different hardware platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2124", "Certificate Number": "2124", "Vendor Name": "Vidyo, Inc.", "Module Name": "Cryptographic Security Kernel", "Module Type": "Software", "Validation Date": "04/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2124.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2124", "detail_available": true, "module_name": "Cryptographic Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Vidyo Cryptographic Security Kernel (CSK) is a subset of the Vidyo Technology Software Development Kit, which consists of a set of libraries providing video conferencing capabilities. The SDK allows licensed end-users to implement video conferencing capabilities within their own software applications; the Vidyo CSK library provides the cryptographic functions required to secure the communications.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2123", "Certificate Number": "2123", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Virtual Appliance for VMware", "Module Type": "Software", "Validation Date": "04/09/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2123.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2123", "detail_available": true, "module_name": "McAfee Firewall Enterprise Virtual Appliance for VMware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section 3.1. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2122", "Certificate Number": "2122", "Vendor Name": "VMware, Inc.", "Module Name": "VMware Cryptographic Module", "Module Type": "Software", "Validation Date": "04/04/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2122.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2122", "detail_available": true, "module_name": "VMware Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VMware Cryptographic Module is a software library providing FIPS 140-2 -approved cryptographic algorithms and services for protecting data-in-transit and data-at-rest on VMware products and platforms.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2121", "Certificate Number": "2121", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 500+ [1], nShield F2 1500+ [2] and nShield F2 6000+ [3]", "Module Type": "Hardware", "Validation Date": "04/03/201406/05/201411/24/201508/07/201808/28/201801/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2121.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2121", "detail_available": true, "module_name": "nShield F2 500+ [1], nShield F2 1500+ [2] and nShield F2 6000+ [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 500+, nShield F2 1500+ and nShield F2 6000+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2120", "Certificate Number": "2120", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "03/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2120.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2120", "detail_available": true, "module_name": "Samsung OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data in transit." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2119", "Certificate Number": "2119", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive FIPS 140-2 Module", "Module Type": "Hardware", "Validation Date": "03/28/201405/21/201406/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2119.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2119", "detail_available": true, "module_name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The cryptographic module (CM) in the Seagate Secure® TCG Opal SSC Self-Encrypting Drive provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2118", "Certificate Number": "2118", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "NonStop Volume Level Encryption (NSVLE)", "Module Type": "Software", "Validation Date": "04/03/201403/17/201703/20/201702/20/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2118.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2118", "detail_available": true, "module_name": "NonStop Volume Level Encryption (NSVLE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "HPE NonStop Volume Level Encryption, or NSVLE, is a fully integrated encryption solution using FIPS Approved algorithms to protect data from threats such as theft and unauthorized disclosure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2117", "Certificate Number": "2117", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX3300, EX4200, EX4500 Ethernet Switches", "Module Type": "Hardware", "Validation Date": "03/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2117.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2117", "detail_available": true, "module_name": "Juniper Networks EX3300, EX4200, EX4500 Ethernet Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "EX Series Ethernet switches deliver access, aggregation, and core layer switching services in branch, campus, and data center networks to ensure fast, secure, reliable delivery of data and applications. All EX Series Ethernet Switches run the same Junos operating system as other Juniper switches, routers, and security solutions, ensuring consistent, predictable behavior across the entire network infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2116", "Certificate Number": "2116", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 4503-E, Catalyst 4506-E, Catalyst 4507R-E, Catalyst 4507R+E, Catalyst 4510R-E, Catalyst 4510R+E, Catalyst C4500X-16SFP+, Catalyst C4500X-F-16SFP+, Catalyst C4500X-32SFP+, Catalyst C4500X-F-32SFP+, Catalyst C4500X-24X-ES, Catalyst C4500X-40X-ES, Catalyst C4500X-24X-IPB with Supervisor Cards (WS-X45-SUP7-E, WS-X45-Sup7L-E) and Line Cards (WS-X4640-CSFP-E, WS-X4712-SFP+E, WS-X4748-NGPOE+E, WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "Module Type": "Hardware", "Validation Date": "03/26/201404/16/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2116.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2116", "detail_available": true, "module_name": "Cisco Catalyst 4503-E, Catalyst 4506-E, Catalyst 4507R-E, Catalyst 4507R+E, Catalyst 4510R-E, Catalyst 4510R+E, Catalyst C4500X-16SFP+, Catalyst C4500X-F-16SFP+, Catalyst C4500X-32SFP+, Catalyst C4500X-F-32SFP+, Catalyst C4500X-24X-ES, Catalyst C4500X-40X-ES, Catalyst C4500X-24X-IPB with Supervisor Cards (WS-X45-SUP7-E, WS-X45-Sup7L-E) and Line Cards (WS-X4640-CSFP-E, WS-X4712-SFP+E, WS-X4748-NGPOE+E, WS-X4748-RJ45-E and WS-X4748-RJ45V+E)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Catalyst 4500 Series switches are Cisco`s leading modular switches for borderless access and price/performance distribution deployments. They offer best-in-class investment protection with forward and backward compatibility and deep application visibility with Flexible NetFlow. The Catalyst 4500 Series Switches meet FIPS 140-2 overall Level 2 requirements as multi-chip standalone modules. The switches include cryptographic algorithms implemented in IOS software as well as hardware ASICs. The module provides 802.1X-rev." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2115", "Certificate Number": "2115", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer-4000B", "Module Type": "Hardware", "Validation Date": "03/26/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2115.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2115", "detail_available": true, "module_name": "FortiAnalyzer-4000B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2114", "Certificate Number": "2114", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Security Library", "Module Type": "Software", "Validation Date": "03/26/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2114.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2114", "detail_available": true, "module_name": "Proofpoint Security Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module is a Java language cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides variety of cryptographic services (both approved as well as non-approved). The module can be executed on any general-purpose PC and operating system capable of running JRE 1.6 or later." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2113", "Certificate Number": "2113", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-VM Virtual Appliances", "Module Type": "Software", "Validation Date": "03/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2113.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2113", "detail_available": true, "module_name": "FortiGate-VM Virtual Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in Section FIPS 140-2 Compliant Operation of the provided Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "FortiGate virtual appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2112", "Certificate Number": "2112", "Vendor Name": "AT&T Services, Inc.", "Module Name": "AT&T Toggle Cryptographic Security Module", "Module Type": "Software", "Validation Date": "03/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2112.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2112", "detail_available": true, "module_name": "AT&T Toggle Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1.1 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AT&T Toggle Cryptographic Security Module (TCSM) 1.0 provides cryptographic services for the Toggle. The TCSM modules provide low level Encryption and MAC Hashing routines, for protecting and securing mobile devices. The TCSM provides a highly secure encrypted container for enterprise-managed mobile applications, content and data to enable a highly secure mobile workspace that separates corporate information from personal information on the same mobile device. Toggle provides application level security, an automated application wrapping process and dynamic app-based security policy cont", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2111", "Certificate Number": "2111", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "03/21/201406/05/201410/16/201405/29/201506/27/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2111.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2111", "detail_available": true, "module_name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Christie IMB-S2 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a 2K or 4K DLP Series-II digital cinema projector. The IMB-S2 utilizes an integrated SMS and permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2110", "Certificate Number": "2110", "Vendor Name": "BlackBerry Limited", "Module Name": "BlackBerry Cryptographic Library for Secure Work Space", "Module Type": "Software", "Validation Date": "03/21/201401/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2110.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2110", "detail_available": true, "module_name": "BlackBerry Cryptographic Library for Secure Work Space", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section A.1.1 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® provides a suite of hardware, software, and services, which allow customers to utilize a single end-to-end Mobile Device Management (MDM) solution. The BlackBerry Cryptographic Library for Secure Work Space is a software module that provides cryptographic services required for secure operation of non-BlackBerry® devices running supported operating systems, when used in conjunction with BlackBerry® MDM solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2109", "Certificate Number": "2109", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Odyssey Security Component Kernel Mode", "Module Type": "Software", "Validation Date": "03/21/201402/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2109.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2109", "detail_available": true, "module_name": "Odyssey Security Component Kernel Mode", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Odyssey Security Component (OSC) is a general purpose cryptographic library. OSC Kernel Mode is a kernel-mode binary module for the Windows operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2108", "Certificate Number": "2108", "Vendor Name": "OpenPeak, Inc.", "Module Name": "OpenPeak Cryptographic Security Module", "Module Type": "Software", "Validation Date": "03/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2108.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2108", "detail_available": true, "module_name": "OpenPeak Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1.1 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenPeak Cryptographic Security Module (OCSM) 1.0 provides underlying cryptography primitives for OpenPeak’s ADAM platform, an advanced device and application management suite that provides comprehensive Mobile Enterprise Management as a cloud-hosted service. The OCSM provides a secure encrypted container for enterprise-managed applications, content and data to enable a highly secure mobile workspace that separates corporate information from personal information on the same mobile device.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2107", "Certificate Number": "2107", "Vendor Name": "Vocera Communications, Inc.", "Module Name": "Vocera Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "03/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2107.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2107", "detail_available": true, "module_name": "Vocera Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "Vocera B3000 Badge is a wearable hands-free voice-controlled device that provides easy-to-use and instantaneous communication on a wireless LAN network. The Vocera Cryptographic Module, embedded in the B3000 Badge, ensures protected communications using industry-standard secure wireless communication protocols.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2106", "Certificate Number": "2106", "Vendor Name": "DTECH LABS, Inc.", "Module Name": "M3-SE-RTR2 and TXC3", "Module Type": "Hardware", "Validation Date": "03/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2106.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2106", "detail_available": true, "module_name": "M3-SE-RTR2 and TXC3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The M3-SE-RTR2 and TXC3 are high-performance, ruggedized routers utilizing the Cisco 5915 ESR. With onboard hardware encryption, the Cisco 5915 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The M3-SE-RTR2 and TXC3 provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2105", "Certificate Number": "2105", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer 4.0 MR3", "Module Type": "Firmware", "Validation Date": "03/19/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2105.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2105", "detail_available": true, "module_name": "FortiAnalyzer 4.0 MR3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2104", "Certificate Number": "2104", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E7500", "Module Type": "Hardware", "Validation Date": "03/18/201404/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2104.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2104", "detail_available": true, "module_name": "NSA E7500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Management (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2103", "Certificate Number": "2103", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Gold (PSG)", "Module Type": "Hardware", "Validation Date": "03/14/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2103.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2103", "detail_available": true, "module_name": "ProtectServer Gold (PSG)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet PSG Adapter is a high-end intelligent PCI adapter card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. Access to the PSG is provided via a comprehensive PKCS#11 API, allowing extremely flexible use of the module in a multitude of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2102", "Certificate Number": "2102", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks EX6200 and EX8200 Ethernet Switches Routing Engines", "Module Type": "Hardware", "Validation Date": "03/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2102.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2102", "detail_available": true, "module_name": "Juniper Networks EX6200 and EX8200 Ethernet Switches Routing Engines", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "EX Series Ethernet switches deliver access, aggregation, and core layer switching services in branch, campus, and data center networks to ensure fast, secure, reliable delivery of data and applications. All EX Series Ethernet Switches run the same Junos operating system as other Juniper switches, routers, and security solutions, ensuring consistent, predictable behavior across the entire network infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2101", "Certificate Number": "2101", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Mobility: Suite Cryptographic Module", "Module Type": "Software", "Validation Date": "03/14/201404/03/201407/23/201502/12/201602/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2101.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2101", "detail_available": true, "module_name": "Symantec Mobility: Suite Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Mobility: Suite Cryptographic Module Version 1.0 provides cryptographic functions for Symantec Mobility: Suite, a scalable solution for deploying and managing native and web apps on corporate-liable and employee-owned mobile devices.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2100", "Certificate Number": "2100", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "03/07/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2100.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2100", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.2 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2099", "Certificate Number": "2099", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Riverbed Cryptographic Security Module", "Module Type": "Software", "Validation Date": "03/07/201404/16/201409/25/201412/15/201511/01/201611/02/201612/09/201601/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2099.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2099", "detail_available": true, "module_name": "Riverbed Cryptographic Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 4 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Riverbed Cryptographic Security Module (\"RCSM\") provides the cryptographic functionality for a variety of Riverbed's platforms including Steelhead, SteelFusion and SteelCentral products. Using RCSM to provide FIPS compliance across Riverbed solutions, strengthens security and facilitates the product certification and accreditation processes, enabling hybrid enterprises to transform application performance into a competitive advantage by maximizing employee productivity and leveraging IT to create new forms of operational agility.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2098", "Certificate Number": "2098", "Vendor Name": "Gemalto", "Module Name": "IDPrime MD 830", "Module Type": "Hardware", "Validation Date": "03/05/201408/04/201604/03/201805/31/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2098.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2098", "detail_available": true, "module_name": "IDPrime MD 830", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDPrime MD 830 is a Minidriver enabled PKI smartcard, offering all the necessary services (with either RSA or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure.", "algorithms": [ "AES", "DES", "ECDH", "ECDSA", "KTS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2097", "Certificate Number": "2097", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE(R) Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "03/05/201411/25/201402/03/201601/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2097.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2097", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2096", "Certificate Number": "2096", "Vendor Name": "WatchDox, Inc.", "Module Name": "WatchDox® CryptoModule", "Module Type": "Software", "Validation Date": "03/05/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2096.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2096", "detail_available": true, "module_name": "WatchDox® CryptoModule", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The WatchDox Crypto Module provides the services necessary to support the cryptographic features and functions of the WatchDox Secure File Sharing services and products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2095", "Certificate Number": "2095", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Mobility: Suite Server Cryptographic Module", "Module Type": "Software", "Validation Date": "02/28/201407/23/201502/11/201602/11/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2095.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2095", "detail_available": true, "module_name": "Symantec Mobility: Suite Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Mobility: Suite Server Cryptographic Module provides cryptographic functions for the Server component of Symantec Mobility: Suite, a scalable solution for deploying and managing native and web apps on corporate‐liable and employee‐owned mobile devices.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2094", "Certificate Number": "2094", "Vendor Name": "Securonix, Inc.", "Module Name": "Intelligence Platform Cryptographic Module", "Module Type": "Software", "Validation Date": "02/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2094.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2094", "detail_available": true, "module_name": "Intelligence Platform Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Intelligence Platform Cryptographic Module provides cryptographic functions for the Intelligence Platform products from Securonix.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2093", "Certificate Number": "2093", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3560-C [1], 3560-X [2] and 3750-X [3] Switches", "Module Type": "Hardware", "Validation Date": "02/27/201403/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2093.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2093", "detail_available": true, "module_name": "Cisco Catalyst 3560-C [1], 3560-X [2] and 3750-X [3] Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Catalyst Switches provide enterprise-class access for campus and branch applications. Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure and energy-efficient business operations with intelligent services and a range of advanced Cisco IOS Software features. The Catalyst Switches meet FIPS 140-2 overall Level 2 requirements as multi-chip standalone modules.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2092", "Certificate Number": "2092", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung FIPS BC for Mobile Phone and Tablet", "Module Type": "Software", "Validation Date": "02/26/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2092.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2092", "detail_available": true, "module_name": "Samsung FIPS BC for Mobile Phone and Tablet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data in transit." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2091", "Certificate Number": "2091", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs)", "Module Type": "Hardware", "Validation Date": "02/26/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2091.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2091", "detail_available": true, "module_name": "Cisco Optical Networking Solution (ONS) 15454 Multiservice Transport Platforms (MSTPs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco ONS 15454 Multiservice Transport Platform (MSTP) is the most deployed metropolitan-area (metro) and regional dense wavelength division multiplexing (DWDM) solution in the world featuring two- through eight-degree reconfigurable optical add/drop multiplexer (ROADM) technology that enables wavelength provisioning across entire networks and eliminates the need for optical-to-electrical-to-optical (OEO) transponder conversions.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2090", "Certificate Number": "2090", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]", "Module Type": "Hardware", "Validation Date": "02/26/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2090.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2090", "detail_available": true, "module_name": "Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2089", "Certificate Number": "2089", "Vendor Name": "HGST, Inc.", "Module Name": "HGST Ultrastar SSD800/1000/1600 TCG Enterprise SSDs", "Module Type": "Hardware", "Validation Date": "02/25/201404/03/201404/11/201407/17/201409/12/201410/23/201412/31/201401/23/201502/13/201505/29/201508/07/201509/04/201509/30/201512/09/201502/23/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2089.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2089", "detail_available": true, "module_name": "HGST Ultrastar SSD800/1000/1600 TCG Enterprise SSDs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "HGST Self-Encrypting Drives implement TCG Storage specifications, and meet or exceed the most demanding performance and security requirements. The Ultrastar SSD800/1000 series are 12Gbs SAS, TCG Enterprise SSDs. 10/23/14: Added HW HUSMH8080ASS205, HUSMH8040ASS205, HUSMH8020ASS205, HUSMM8080ASS205, HUSMM8040ASS205, HUSMM8020ASS205, HUSMR1010ASS205, HUSMR1050ASS205, HUSMR1025ASS205" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2088", "Certificate Number": "2088", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Database Security Sensor Cryptographic Module", "Module Type": "Software", "Validation Date": "02/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2088.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2088", "detail_available": true, "module_name": "McAfee Database Security Sensor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in the Security Policy Section 4", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee Database Security Sensor Cryptographic Module Version 1.0, is a software shared library that provides cryptographic services required by the McAfee Database Security Sensor.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2087", "Certificate Number": "2087", "Vendor Name": "Fixmo, Inc.", "Module Name": "Server Crypto Module", "Module Type": "Software", "Validation Date": "02/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2087.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2087", "detail_available": true, "module_name": "Server Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fixmo Server Crypto Module provides cryptographic functions for Fixmo products and solutions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2086", "Certificate Number": "2086", "Vendor Name": "Oracle Corporation", "Module Name": "StorageTek T10000C Tape Drive", "Module Type": "Hardware", "Validation Date": "02/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2086.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2086", "detail_available": true, "module_name": "StorageTek T10000C Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Oracle StorageTek T10000C Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. The StorageTek T10000C Tape Drive delivers the world’s fastest write speeds to a native 5 TB of magnetic tape storage; making it ideal for data center operations with growing volumes. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Oracle Key Manager to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2085", "Certificate Number": "2085", "Vendor Name": "Curtiss-Wright", "Module Name": "VPX3-685 Secure Routers", "Module Type": "Hardware", "Validation Date": "02/22/201405/22/201412/22/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2085.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2085", "detail_available": true, "module_name": "VPX3-685 Secure Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The VPX3-685 Secure Routers are used for strong security in the embedded defense and aerospace industries. They support industry standard encryption algorithms used in IPSec/VPN/IKE/PKI and other networking standards. Including H/W accelerated AES bulk encryption.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2084", "Certificate Number": "2084", "Vendor Name": "GOTrust Technology Inc.", "Module Name": "GO-Trust SDencrypter", "Module Type": "Hardware", "Validation Date": "02/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2084.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2084", "detail_available": true, "module_name": "GO-Trust SDencrypter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS Mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SDencrypter is a hardware security module embedded into one microSD. The entire encryption, decryption, key generation process is completed inside the module. Fast íºin-chipí¿ processing, using a high-performance smart card chip, supports streaming voice and media operations. High-assurance protection is provided to keys and sensitive data which are encrypted and stored inside the chip." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2083", "Certificate Number": "2083", "Vendor Name": "FiberLogic Communications, Inc.", "Module Name": "TS-250", "Module Type": "Hardware", "Validation Date": "02/22/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2083.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2083", "detail_available": true, "module_name": "TS-250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TS-250 can encrypt the high speed network traffic passed through. The module can be configured to encrypt different layer of network traffic, e.g., from Ethernet frame payload or from IP packet payload." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2082", "Certificate Number": "2082", "Vendor Name": "Toshiba Electronic Devices & Storage Corporation", "Module Name": "Toshiba Secure TCG Opal SSC and Wipe technology Self-Encrypting Drive (MQ01ABU050BW, MQ01ABU032BW and MQ01ABU025BW)", "Module Type": "Hardware", "Validation Date": "02/13/201404/23/201407/18/201707/31/201812/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2082.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2082", "detail_available": true, "module_name": "Toshiba Secure TCG Opal SSC and Wipe technology Self-Encrypting Drive (MQ01ABU050BW, MQ01ABU032BW and MQ01ABU025BW)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Toshiba Secure TCG Opal SSC and Wipe Technology Self-Encrypting Drive is used for hard disk drive data security. This cryptographic module provides various cryptographic services using FIPS approved algorithms. Services are provided through an industry-standard TCG Opal SSC and the Toshiba Wipe Technology. Services include hardware-based data encryption, cryptographic erase, independently protected user data LBA ranges, host device authentication and secure automatic data invalidation. The last two services are provided by the Toshiba Wipe Technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2081", "Certificate Number": "2081", "Vendor Name": "Dispersive Technologies, Inc.", "Module Name": "V2VNet Common Crypto Module", "Module Type": "Software", "Validation Date": "02/22/201409/18/201502/26/201601/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2081.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2081", "detail_available": true, "module_name": "V2VNet Common Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "V2VNet Common Crypto Module provides cryptographic functions for Dispersive Solutions V2VNet Server Edition, a scalable solution allowing clients to communicate directly with other clients, and securely route voice, video and data communications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2080", "Certificate Number": "2080", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "02/10/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2080.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2080", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN6000 Series Encryptor is a high-speed standards based hardware encryption platform designed to secure data transmitted over optical and twisted-pair Ethernet and optical Fibre Channel networks. Two models are validated: the CN6100 10G Ethernet Encryptor operating at a line rate of 10Gb/s and the CN6040, a protocol selectable model operating at data rates up to 4Gb/s. Configured in Ethernet mode the CN6040 model supports rates of 10Mb/s, 100Mb/s & 1Gb/s and in Fibre Channel mode supports rates of 1.0625, 2.125 & 4.25Gb/s. Data privacy is provided by FIPS approved AES algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2079", "Certificate Number": "2079", "Vendor Name": "Hewlett Packard Enterprise Development LP", "Module Name": "HP-UX Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "02/07/201412/18/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2079.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2079", "detail_available": true, "module_name": "HP-UX Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in Section 3 of the Security Policy. When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "HP-UX Kernel Crypto Module (HP-UX KCM) is a kernel-space crypto engine in the HP-UX operating system containing core cryptographic algorithms and operations in a single shared library. It implements asymmetric, symmetric, and digest operations that are used by HP-UX security solutions. HP-UX KCM is available on HP-UX 11i v3 operating system on the HPE Integrity Platform and the HPE Portable HP-UX Platform.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2078", "Certificate Number": "2078", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "CAT904 Dolby® JPEG 2000/MPEG-2 Processor", "Module Type": "Hardware", "Validation Date": "02/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2078.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2078", "detail_available": true, "module_name": "CAT904 Dolby® JPEG 2000/MPEG-2 Processor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CAT904 Dolby® JPEG 2000/MPEG-2 Processor performs all the cryptography, license management, and video decoding functions for the DSP100 Dolby Show Player, which forms the nucleus of the Dolby Digital Cinema system. The system offers superb picture quality, outstanding reliability, and the highest level of security in the business. It includes support for JPEG 2000 playback, as specified by DCI, and MPEG-2 for compatibility with alternative content such as preshow advertising. The system also meets other key DCI specifications for security, data rate, and storage capacity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2077", "Certificate Number": "2077", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Userland Cryptographic Framework", "Module Type": "Software", "Validation Date": "02/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2077.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2077", "detail_available": true, "module_name": "Oracle Solaris Userland Cryptographic Framework", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Oracle Solaris OS utilizes the Oracle Solaris Userland Cryptographic Framework module for cryptographic functionality for any applications running in user space. It exposes PKCS#11 APIs, uCrypto APIs, and libmd public interfaces to provide cryptography to any application designed to utilize them.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2076", "Certificate Number": "2076", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Userland Cryptographic Framework with SPARC T4 and SPARC T5", "Module Type": "Software-Hybrid", "Validation Date": "02/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2076.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2076", "detail_available": true, "module_name": "Oracle Solaris Userland Cryptographic Framework with SPARC T4 and SPARC T5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Oracle Solaris OS utilizes two cryptographic modules; one in the Userland space and the second in the Kernel space. The OS uses the Oracle Solaris Userland Cryptographic Framework module for cryptographic functionality for any applications running in user space. It exposes PKCS#11 APIs, uCrypto APIs, and libmd public interfaces to provide cryptography to any application designed to utilize them. The module includes the SPARC T4 and SPARC T5 processor special instruction sets for hardware-accelerated cryptography.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2075", "Certificate Number": "2075", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "Module Type": "Hardware", "Validation Date": "01/29/201402/20/201403/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2075.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2075", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM2 Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM2 Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2074", "Certificate Number": "2074", "Vendor Name": "ViaSat, Inc.", "Module Name": "Embeddable Security System (ES-1200)", "Module Type": "Hardware", "Validation Date": "02/22/201403/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2074.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2074", "detail_available": true, "module_name": "Embeddable Security System (ES-1200)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ES-1200 is a low cost, size, weight & power multichip programmable embedded cryptographic module. It provides encryption and decryption services, plaintext bypass, key management, and PIN-based access control. The ES-1200 is intended for use in environments where FIPS 140-2 Level 2 cryptographic products are required. Typical applications are military Transmission Security (TRANSEC), Communications Security (COMSEC), and Data-At-Rest (DAR) using Suite B cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2073", "Certificate Number": "2073", "Vendor Name": "GoldKey Security Corporation", "Module Name": "GoldKey Security Token Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/29/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2073.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2073", "detail_available": true, "module_name": "GoldKey Security Token Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with Windows 7 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1330 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Provides cryptographic algorithm implementation for GoldKey Products" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2072", "Certificate Number": "2072", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiCOS PKI Native Smart Card Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/29/201404/22/201611/09/201712/20/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2072.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2072", "detail_available": true, "module_name": "HiCOS PKI Native Smart Card Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HiCOS PKI native smart card module is a single chip implementation of a cryptographic module. The HiCOS PKI native smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The module consists of the chip (ICC), the contact faceplate, and the electronic connectors between the chip and contact pad, all contained within an epoxy substrate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2071", "Certificate Number": "2071", "Vendor Name": "Fujitsu limited", "Module Name": "ETERNUS DX400/DX8000 Controller Module", "Module Type": "Firmware", "Validation Date": "01/24/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2071.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2071", "detail_available": true, "module_name": "ETERNUS DX400/DX8000 Controller Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "ETERNUS DX400/DX8000 Controller Module is a module which manages the whole disk storage system. In order to prevent a data leakage by removal of disks, the disk encryption mechanism encrypts data on the disks. This encryption function is valid if the Disk Encryption mechanism is activated through GUI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2070", "Certificate Number": "2070", "Vendor Name": "API Technologies Corp.", "Module Name": "Common Crypto Module for NetGard Privileged Gateway, SA5600-IA and NetGard MFD", "Module Type": "Software", "Validation Date": "01/24/201404/23/201402/10/201611/10/202001/18/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2070.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2070", "detail_available": true, "module_name": "Common Crypto Module for NetGard Privileged Gateway, SA5600-IA and NetGard MFD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Common Crypto Module for PRIISMS, PRIISMS RD, SA5600-IA, and NetGard MFD is a standards-based cryptographic engine for servers and appliances. The module delivers core cryptographic functions and features robust algorithm support, including Suite B algorithms.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2069", "Certificate Number": "2069", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP Networking 3800 Switch Series", "Module Type": "Hardware", "Validation Date": "12/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2069.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2069", "detail_available": true, "module_name": "HP Networking 3800 Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP Networking 3800 Switch Series cryptographic modules are a family of next-generation gigabit Layer 2/3 enterprise-class access layer switches. The 3800 Switch Series, which is designed with a custom HP ProVision ASIC, delivers unmatched performance and scalability to meet the needs of the most demanding enterprise networks. The HP Networking 3800 Switch Series modules integrate 10 Gb connectivity for high-performance links to the network aggregation and core; allowing for increased throughput and network link redundancy.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2068", "Certificate Number": "2068", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee SIEM Cryptographic Module", "Module Type": "Software", "Validation Date": "12/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2068.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2068", "detail_available": true, "module_name": "McAfee SIEM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee SIEM Cryptographic Module provides cryptographic services required by the McAfee SIEM environments.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2067", "Certificate Number": "2067", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Virtual SIEM Cryptographic Module", "Module Type": "Software", "Validation Date": "12/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2067.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2067", "detail_available": true, "module_name": "McAfee Virtual SIEM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee Virtual SIEM Cryptographic Module provides cryptographic services required by the McAfee SIEM virtual environments.", "algorithms": [ "AES", "CVL", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2066", "Certificate Number": "2066", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender Elite 200™", "Module Type": "Hardware", "Validation Date": "12/24/201302/28/201406/05/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2066.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2066", "detail_available": true, "module_name": "Kanguru Defender Elite 200™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender Elite 200™ is a 256-bit AES hardware encrypted USB flash drive. It is used to securely store sensitive data housed on the device. It can also be used as a secure platform for remote access and virtualized applications run directly from the device. The device supports onboard hardware random number generation, RSA, HMAC and algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2065", "Certificate Number": "2065", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5508 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "12/24/201302/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2065.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2065", "detail_available": true, "module_name": "Cisco 5508 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 5508 Series WLAN Controllers deliver centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WLAN Controllers support the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and support a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The Cisco WLAN Controllers support voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2064", "Certificate Number": "2064", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "12/23/201308/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2064.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2064", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2063", "Certificate Number": "2063", "Vendor Name": "Neopost Technologies", "Module Name": "PSD MODEL 145, 146, 147, 148", "Module Type": "Hardware", "Validation Date": "12/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2063.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2063", "detail_available": true, "module_name": "PSD MODEL 145, 146, 147, 148", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Neopost PSD (Postal Security Device) for low range Postage Evidencing Systems (PES)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2062", "Certificate Number": "2062", "Vendor Name": "RSAE Labs Inc.", "Module Name": "Cubic Managed Asset Tag (MAT) Cryptographic Module and Cubic SINK Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/17/201301/24/201408/22/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2062.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2062", "detail_available": true, "module_name": "Cubic Managed Asset Tag (MAT) Cryptographic Module and Cubic SINK Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cubic Managed Asset Tag Cryptographic Module and Cubic SINK Cryptographic Module securely sends and receives information collected from peripheral sensors to/from an external Cubic Gateway in support of Cubic Mist® mesh networking solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2061", "Certificate Number": "2061", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Kernel Cryptographic Framework", "Module Type": "Software", "Validation Date": "12/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2061.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2061", "detail_available": true, "module_name": "Oracle Solaris Kernel Cryptographic Framework", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Oracle Solaris OS utilizes the Oracle Solaris Kernel Cryptographic Framework module to provide cryptographic functionality for any kernel-level processes that require it, via Oracle-proprietary APIs.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2060", "Certificate Number": "2060", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Solaris Kernel Cryptographic Framework with SPARC T4 and SPARC T5", "Module Type": "Software-Hybrid", "Validation Date": "12/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2060.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2060", "detail_available": true, "module_name": "Oracle Solaris Kernel Cryptographic Framework with SPARC T4 and SPARC T5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode.", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Oracle Solaris OS utilizes the Oracle Solaris Kernel Cryptographic Framework module to provide cryptographic functionality for any kernel-level processes that require it, via Oracle-proprietary APIs. The module includes the SPARC T4 processor special instruction sets for hardware-accelerated cryptography.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2059", "Certificate Number": "2059", "Vendor Name": "Sony Corporation", "Module Name": "Gemini", "Module Type": "Hardware", "Validation Date": "12/13/201305/22/201410/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2059.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2059", "detail_available": true, "module_name": "Gemini", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The primary purpose of the Gemini is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2058", "Certificate Number": "2058", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "12/13/201307/03/201402/12/201605/10/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2058.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2058", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2057", "Certificate Number": "2057", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "12/13/201307/03/201402/12/201605/10/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2057.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2057", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2056", "Certificate Number": "2056", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE(R) Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "12/05/201311/25/201402/03/201601/05/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2056.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2056", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2055", "Certificate Number": "2055", "Vendor Name": "ActivIdentity, Inc.", "Module Name": "ActivIdentity Digital Identity Applet v2 on Gemalto IDCore 3020 (v2)", "Module Type": "Hardware", "Validation Date": "12/05/201302/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2055.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2055", "detail_available": true, "module_name": "ActivIdentity Digital Identity Applet v2 on Gemalto IDCore 3020 (v2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with module TOP DL v2 validated to FIPS 140-2 under Cert. #1450 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java Card platform (IDCore 3020 v2) with 128K EEPROM memory and the ActivIdentity Digital Identity Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved.", "algorithms": [ "AES", "DES", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2054", "Certificate Number": "2054", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 100M Ethernet", "Module Type": "Hardware", "Validation Date": "12/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2054.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2054", "detail_available": true, "module_name": "Datacryptor® 100M Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Multi-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 100 Mbps Ethernet Layer 2 is a rack-mountable multi-chip standalone cryptographic module designed to secure data in transmissions across public Ethernet Layer 2 networks. The Datacryptor® uses 100BaseT ports to connect the host and public sides of the network. The Datacryptor® employs an automatic key generation and exchange mechanism using X.509 v3 certificates and the Elliptic Curve Diffie-Hellman key agreement scheme. The algorithm used for securing data transmission is AES-256 GCM. Management of the Datacryptor® is performed via a remote management interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2053", "Certificate Number": "2053", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 100M Ethernet", "Module Type": "Hardware", "Validation Date": "12/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2053.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2053", "detail_available": true, "module_name": "Datacryptor® 100M Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Point-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 100 Mbps Ethernet Layer 2 is rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public Ethernet Layer 2 networks. The Datacryptor® uses 100BaseT ports to connect the host and public sides of the network. The Datacryptor® offers user verification services via ECDSA enabled X.509 v.3 certificates, key management based on a Elliptic Curve Diffie-Hellman key agreement scheme, and AES encryption of data passing over public networks. Management of the Datacryptor® is performed via a remote management interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2052", "Certificate Number": "2052", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "MX Series 3D Universal Edge Routers with the Multiservices DPC", "Module Type": "Hardware", "Validation Date": "12/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2052.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2052", "detail_available": true, "module_name": "MX Series 3D Universal Edge Routers with the Multiservices DPC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MX Series 3D Universal Edge Routers is a family of Ethernet routers designed to meet very large scale and medium-to-small size applications. It is capable of supporting business, mobile, and residential, services in even the fastest-growing networks and markets. With the Multiservices DPC (the MX Series) provides dedicated high-performance processing for flows and sessions, and integrates advanced security capabilities that protect the network infrastructure as well as user data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2051", "Certificate Number": "2051", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "µMACE", "Module Type": "Hardware", "Validation Date": "12/03/201304/25/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2051.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2051", "detail_available": true, "module_name": "µMACE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The µMACE cryptographic processor is used in security modules embedded in Motorola Solutions security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2050", "Certificate Number": "2050", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade ICX 6430 and ICX 6450 Series Stackable Switch with FastIron 7.4.00a Firmware", "Module Type": "Hardware", "Validation Date": "12/03/201302/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2050.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2050", "detail_available": true, "module_name": "Brocade ICX 6430 and ICX 6450 Series Stackable Switch with FastIron 7.4.00a Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade ICX 6430 and 6450 Switches provide enterprise-class stackable LAN switching solutions to meet the growing demands of campus networks. Brocade ICX 6430 and 6450 are available in 24- and 48- port 10/100/1000/ Mbps models and 1 Gigabit Ethernet (GbE) or 10 GbE dual-purpose uplink/stacking ports, with or without IEEE 802.3af Power over Ethernet (PoE) and 802.3at Power over Ethernet Plus (PoE+ - to support enterprise edge networking, wireless mobility, and IP communications.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2049", "Certificate Number": "2049", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Software Cryptographic Library", "Module Type": "Software", "Validation Date": "11/27/201312/15/201501/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2049.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2049", "detail_available": true, "module_name": "SafeNet Software Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when installed, initialized and configured as specified in Section 4 of the provided Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy; No assurance of the minimum strength of generated keys.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SafeNet Software Cryptographic Library is SafeNet's cryptographic service provider that provides extended high performance cryptographic services for SafeNet's broad range of Data Protection products.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2048", "Certificate Number": "2048", "Vendor Name": "Allegro Software Development Corporation", "Module Name": "Allegro Cryptographic Engine", "Module Type": "Software", "Validation Date": "11/27/201302/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2048.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2048", "detail_available": true, "module_name": "Allegro Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Allegro’s suite of Embedded Device Security toolkits makes embedding standards-based security protocols into resource sensitive embedded systems and consumer electronics fast, easy and reliable. The Allegro Cryptographic Engine (ACE) is a cryptographic library module specifically engineered for embedded devices. The module provides embedded systems developers with an easily understood software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation and key generation and exchange. For full details see www.allegrosoft.com/ace.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2047", "Certificate Number": "2047", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE(R) Crypto-C Micro Edition", "Module Type": "Software-Hybrid", "Validation Date": "11/25/201311/25/201402/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2047.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2047", "detail_available": true, "module_name": "RSA BSAFE(R) Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2046", "Certificate Number": "2046", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "XTM 515, XTM 525, XTM 535 and XTM 545", "Module Type": "Hardware", "Validation Date": "11/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2046.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2046", "detail_available": true, "module_name": "XTM 515, XTM 525, XTM 535 and XTM 545", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "WatchGuard Fireware XTM extensible threat management appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2045", "Certificate Number": "2045", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "11/18/201301/03/201404/14/201605/26/201705/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2045.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2045", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2044", "Certificate Number": "2044", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Key Management Module", "Module Type": "Software", "Validation Date": "11/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2044.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2044", "detail_available": true, "module_name": "Samsung Key Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose key management services to user-space applications on the mobile platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2043", "Certificate Number": "2043", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP LTO-6 Tape Drive", "Module Type": "Hardware", "Validation Date": "11/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2043.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2043", "detail_available": true, "module_name": "HP LTO-6 Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HP LTO-6 tape drives help to keep pace with data growth with up to 6.25TB compressed data storage per cartridge and capable of compressed data transfer rates of up to 400MB/sec. Ground breaking LTFS technology makes LTO-6 tapes as easy to use as disk and enables easy file access, reliable long term archive retrieval and simpler transportability between systems. LTO-6 tape drives also provide easy-to-enable security to protect the most sensitive data and prevent unauthorized access of tape cartridges with AES 256-bit hardware data encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2042", "Certificate Number": "2042", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® SONET/SDH OC-3/12/48/192C", "Module Type": "Hardware", "Validation Date": "11/15/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2042.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2042", "detail_available": true, "module_name": "Datacryptor® SONET/SDH OC-3/12/48/192C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® SONET/SDH OC-3/12/48/192C are rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public SONET or SDH backbone networks. The devices use standard SFP/XFP optical transceivers for their host and network connections. The Datacryptor® offers user verification services via ECDSA enabled X.509 v.3 certificates, key management based on a Elliptic Curve Diffie-Hellman key agreement scheme, and AES encryption of data passing over public networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2041", "Certificate Number": "2041", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "Module Type": "Hardware", "Validation Date": "11/15/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2041.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2041", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Multi-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® Gig Ethernet and 10 Gig Ethernet are rack-mountable multi-chip standalone cryptographic modules designed to secure data transmissions across public Ethernet Layer 2 networks. The Gig Ethernet uses an SFP transceiver and the 10 Gig Ethernet uses a higher-speed XFP transceiver. The Datacryptor® employs an automatic key generation and exchange mechanism using X.509 v3 certificates and the Elliptic Curve Diffie-Hellman key agreement scheme. The algorithm used for securing data transmission is AES-256 GCM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2040", "Certificate Number": "2040", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "Module Type": "Hardware", "Validation Date": "11/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2040.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2040", "detail_available": true, "module_name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as indicated in the Security Policy in Section 3. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2039", "Certificate Number": "2039", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "Module Type": "Hardware", "Validation Date": "11/15/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2039.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2039", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Point-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 1 Gig Ethernet and 10 Gig Ethernet are rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public Ethernet Layer 2 networks. The 1 Gig and 10 Gig units use an standard SFP/XFP optical transceivers for their host and network connections. The Datacryptor® offers user verification services via ECDSA enabled X.509 v.3 certificates, key management based on a Elliptic Curve Diffie-Hellman key agreement scheme, and AES encryption of data passing over public networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2037", "Certificate Number": "2037", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones; 6510 FC Switch; 6520 FC Switch; and 7800 Extension Switch", "Module Type": "Hardware", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2037.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2037", "detail_available": true, "module_name": "Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones; 6510 FC Switch; 6520 FC Switch; and 7800 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configuration as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 and 6520 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WAN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2036", "Certificate Number": "2036", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-E Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/13/201301/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2036.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2036", "detail_available": true, "module_name": "Luna® PCI-E Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna® PCI-E for Luna® IS cryptographic module features powerful cryptographic processing and hardware key management for applications where performance and security are the priority. The multi-chip embedded hardware cryptographic module offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2035", "Certificate Number": "2035", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade ICX 6610 Series Stackable Switch with FastIron 7.3.00c Firmware", "Module Type": "Hardware", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2035.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2035", "detail_available": true, "module_name": "Brocade ICX 6610 Series Stackable Switch with FastIron 7.3.00c Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade ICX 6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitive applications such as real-time voice and video streaming and VDI. Brocade ICX 6610 Switches can be stacked to provide an unprecedented 320 Gbps of backplane stacking bandwidth. Additionally, each switch can provide up to eight 10 Gigabit Ethernet (GbE) ports.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "KDF", "RSA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2034", "Certificate Number": "2034", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco FIPS Object Module", "Module Type": "Software", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2034.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2034", "detail_available": true, "module_name": "Cisco FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2033", "Certificate Number": "2033", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-J Software Module", "Module Type": "Software", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2033.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2033", "detail_available": true, "module_name": "RSA BSAFE Crypto-J Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1291", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2032", "Certificate Number": "2032", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "VDX 6710, VDX 6720, VDX 6730 and VDX 8770 with Network OS (NOS) v3.0.1 Firmware", "Module Type": "Hardware", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2032.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2032", "detail_available": true, "module_name": "VDX 6710, VDX 6720, VDX 6730 and VDX 8770 with Network OS (NOS) v3.0.1 Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2031", "Certificate Number": "2031", "Vendor Name": "Stonesoft Corporation", "Module Name": "Stonesoft Cryptographic Library", "Module Type": "Software", "Validation Date": "11/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2031.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2031", "detail_available": true, "module_name": "Stonesoft Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Stonesoft Cryptographic Library is a software module that provides cryptographic services for Stonesoft network security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2030", "Certificate Number": "2030", "Vendor Name": "Sony Corporation", "Module Name": "Aspen", "Module Type": "Hardware", "Validation Date": "11/13/201311/22/201301/23/201408/29/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2030.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2030", "detail_available": true, "module_name": "Aspen", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The primary purpose of the Aspen is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2029", "Certificate Number": "2029", "Vendor Name": "Worldline SA/NV", "Module Name": "Worldline ADYTON Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/13/201302/06/201803/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2029.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2029", "detail_available": true, "module_name": "Worldline ADYTON Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Worldline’s ADYTON is an innovative high-performance Hardware Security Module (HSM) platform. The design of the ADYTON is based on high security, reliability and robustness, user friendliness, and conformance to international security standards. ADYTON has an integrated color display, full HEX capacitive keyboard, chip card reader, fingerprint reader, and a USB Host connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2028", "Certificate Number": "2028", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2028.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2028", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2027", "Certificate Number": "2027", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/12/201310/10/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2027.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2027", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-Chip Embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2026", "Certificate Number": "2026", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Database Security Server Cryptographic Module", "Module Type": "Software", "Validation Date": "11/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2026.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2026", "detail_available": true, "module_name": "McAfee Database Security Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 4 and operated in FIPS140_MODE", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Database Security Server Cryptographic Module provides FIPS 140-2 validated services to the server component of the McAfee Database Security product line." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2025", "Certificate Number": "2025", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "Blue Coat Systems, Software Cryptographic Module", "Module Type": "Software", "Validation Date": "11/12/201305/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2025.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2025", "detail_available": true, "module_name": "Blue Coat Systems, Software Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Blue Coat Systems, Software Cryptographic Module is a software multi-chip standalone module, providing cryptographic services for Solera DeepSee Software. Solera DeepSee is a solution for security intelligence and analytics that creates a complete record of network traffic. The module is a shared library that links to Solera DeepSee components.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2024", "Certificate Number": "2024", "Vendor Name": "Nokia of America Corporation (NoAC)", "Module Name": "Nokia Cryptographic Module", "Module Type": "Software", "Validation Date": "11/12/201312/31/201405/29/201502/08/201601/17/201707/26/201708/22/201706/12/201806/18/201812/13/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2024.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2024", "detail_available": true, "module_name": "Nokia Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Nokia Cryptographic Module is a Linux loadable kernel module that provides cryptographic services in the Linux kernel. It provides an API that can be used by other kernel services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2023", "Certificate Number": "2023", "Vendor Name": "Nuvoton Technology Corporation", "Module Name": "Nuvoton TPM 1.2", "Module Type": "Hardware", "Validation Date": "11/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2023.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2023", "detail_available": true, "module_name": "Nuvoton TPM 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Nuvoton Trusted Platform Module is a hardware cryptographic module, a member of the Nuvoton SafeKepper family, which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 specification for PC-Client TPM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2022", "Certificate Number": "2022", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2022.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2022", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2021", "Certificate Number": "2021", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Kernel Module, v4.0", "Module Type": "Software", "Validation Date": "11/07/201311/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2021.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2021", "detail_available": true, "module_name": "Apple iOS CoreCrypto Kernel Module, v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2020", "Certificate Number": "2020", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Module, v4.0", "Module Type": "Software-Hybrid", "Validation Date": "11/07/201311/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2020.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2020", "detail_available": true, "module_name": "Apple iOS CoreCrypto Module, v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2019", "Certificate Number": "2019", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP LTO-6 Tape Drive", "Module Type": "Hardware", "Validation Date": "11/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2019.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2019", "detail_available": true, "module_name": "HP LTO-6 Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HP LTO-6 tape drives help to keep pace with data growth with up to 6.25TB compressed data storage per cartridge and capable of compressed data transfer rates of up to 400MB/sec. Ground breaking LTFS technology makes LTO-6 tapes as easy to use as disk and enables easy file access, reliable long term archive retrieval and simpler transportability between systems. LTO-6 tape drives also provide easy-to-enable security to protect the most sensitive data and prevent unauthorized access of tape cartridges with AES 256-bit hardware data encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2018", "Certificate Number": "2018", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey S250/D250", "Module Type": "Hardware", "Validation Date": "11/07/201302/20/201403/08/201605/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2018.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2018", "detail_available": true, "module_name": "IronKey S250/D250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey S250/D250 Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA, and DRBG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2017", "Certificate Number": "2017", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "AP 71xx Series Wireless Access Points - AP 7131N, AP 7131N-GR, AP 7161, AP 7181", "Module Type": "Hardware", "Validation Date": "11/07/201312/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2017.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2017", "detail_available": true, "module_name": "AP 71xx Series Wireless Access Points - AP 7131N, AP 7131N-GR, AP 7161, AP 7181", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AP-71xx Series 802.11n Wireless Access Points deliver the high throughput, coverage, and resiliency required to build an all-wireless enterprise. The dual and tri-radio options provide simultaneous support for high-speed wireless voice and data services, self-healing mesh networking and wireless intrusion detection/prevention services.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2016", "Certificate Number": "2016", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Kernel Module, v4.0", "Module Type": "Software", "Validation Date": "11/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2016.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2016", "detail_available": true, "module_name": "Apple OS X CoreCrypto Kernel Module, v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2015", "Certificate Number": "2015", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Module, v4.0", "Module Type": "Software", "Validation Date": "11/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2015.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2015", "detail_available": true, "module_name": "Apple OS X CoreCrypto Module, v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2014", "Certificate Number": "2014", "Vendor Name": "Atmel Corporation", "Module Name": "Atmel Trusted Platform Module", "Module Type": "Hardware", "Validation Date": "11/05/201304/11/201405/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2014.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2014", "detail_available": true, "module_name": "Atmel Trusted Platform Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The AT97SC3204 and AT97SC3205 are single chip cryptographic modules used for cryptographic key generation, key storage and key management as well as generation and secure storage for digital certificates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2013", "Certificate Number": "2013", "Vendor Name": "Dispersive Technologies, Inc.", "Module Name": "DSI V2VNet Mobile Crypto Module", "Module Type": "Software", "Validation Date": "11/05/201309/18/201502/25/2022", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2013.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2013", "detail_available": true, "module_name": "DSI V2VNet Mobile Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security relevant modification to Cert. #1938.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "V2VNet Mobile Crypto Module provides cryptographic functions for Dispersive Solutions V2VNet Mobile Edition, a scalable solution allowing clients to communicate directly with other clients, and securely route voice, video and data communications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2012", "Certificate Number": "2012", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Pulse Secure Cryptographic Module", "Module Type": "Software", "Validation Date": "11/05/201312/11/201302/13/201501/19/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2012.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2012", "detail_available": true, "module_name": "Pulse Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Pulse Secure’s portfolio delivers secure, remote and local network access. It includes the Pulse client, Connect Secure (SSL‐VPN), and Policy Secure (NAC) ‐ available on the MAG Series Gateways or as virtual appliances. These products grants authorized users granular, policydriven secure, remote and LAN‐based network access based on their role, identity, device and location. They supports broad coverage across mobile and non‐mobile devices, with built‐in device integrity checks to further enable secure BYOD initiatives.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2011", "Certificate Number": "2011", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200B [1], FortiGate-300C [2], FortiGate-310B [3], FortiGate-600C [4] and FortiGate-620B [5]", "Module Type": "Hardware", "Validation Date": "11/05/201306/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2011.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2011", "detail_available": true, "module_name": "FortiGate-200B [1], FortiGate-300C [2], FortiGate-310B [3], FortiGate-600C [4] and FortiGate-620B [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2010", "Certificate Number": "2010", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5140 Chassis with FortiGate 5000 Series Blades", "Module Type": "Hardware", "Validation Date": "11/05/201306/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2010.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2010", "detail_available": true, "module_name": "FortiGate-5140 Chassis with FortiGate 5000 Series Blades", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2009", "Certificate Number": "2009", "Vendor Name": "Stanley Security Solutions, Inc.", "Module Name": "Wi-Q Communication Server Cryptographic Module", "Module Type": "Software", "Validation Date": "11/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2009.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2009", "detail_available": true, "module_name": "Wi-Q Communication Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1010 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Communication Server Cryptographic Module (CSCM) is a software solution that provides secure key retrieval and key transfer functions within the Stanley Wi-Q Wireless Access Control System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2008", "Certificate Number": "2008", "Vendor Name": "Hewlett-Packard TippingPoint", "Module Name": "HP TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "10/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2008.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2008", "detail_available": true, "module_name": "HP TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with pick-resistant locks and opaque cover installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2007", "Certificate Number": "2007", "Vendor Name": "GDC Technology (USA), LLC", "Module Name": "Standalone IMB", "Module Type": "Hardware", "Validation Date": "10/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2007.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2007", "detail_available": true, "module_name": "Standalone IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management, and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2006", "Certificate Number": "2006", "Vendor Name": "Bull SAS", "Module Name": "CHR Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/25/201302/01/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2006.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2006", "detail_available": true, "module_name": "CHR Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BULL CHR is a multi-chip standalone security module providing functionality for the secure loading of applications. The CHR is the corner stone of a range of security products developed and signed by BULL as Application Provider and known as \"CRYPT2Protect HR\" and \"CRYPT2Pay HR\" product range available for different domain of applications including Banks and Financial Institutions. Additional products may be developed by Application Providers, based on the CHR." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2005", "Certificate Number": "2005", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard Communication Server", "Module Type": "Software", "Validation Date": "10/25/201311/07/201411/25/201408/14/201510/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2005.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2005", "detail_available": true, "module_name": "Lenel OnGuard Communication Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with [(Windows 7 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1330 operating in FIPS mode), (Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1010 operating in FIPS mode) or (Windows 8 and Windows Server 2012 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1894 operating in FIPS mode)])", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Lenel OnGuard Communication Server module's primary purpose is to provide secure communications with external access control devices. The module is part of the Lenel's advanced access control and alarm monitoring system. The Lenel advanced access control and alarm monitoring system is built on an open architecture platform, offers unlimited scalability, database segmentation, fault tolerance, and biometrics and smart card support. The Lenel advanced access control and alarm monitoring system is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2004", "Certificate Number": "2004", "Vendor Name": "Covia Labs, Inc.", "Module Name": "Covia Connector Cryptographic Module", "Module Type": "Software", "Validation Date": "09/30/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2004.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2004", "detail_available": true, "module_name": "Covia Connector Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Covia Connector Cryptographic Module provides cryptographic services for the Covia Connector. These services include but are not limited to pseudo-random number generation, symmetric and asymmetic key generation, data encryption and decryption, key wrapping, and key unwrapping." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2003", "Certificate Number": "2003", "Vendor Name": "Doremi Labs", "Module Name": "IMS-SM", "Module Type": "Hardware", "Validation Date": "09/30/201301/03/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2003.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2003", "detail_available": true, "module_name": "IMS-SM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2002", "Certificate Number": "2002", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6503-E, Catalyst C6504-E, Catalyst 6506-E, Catalyst 6509-E and Catalyst 6513-E Switches with Supervisor Cards (VS-S2T-10G and VS-S2T-10G-XL) and Line Cards (WS-X6908-10G, WS-X6908-10G-2TXL, WS-X6904-40G-2T and WS-X6904-40G-2TXL)", "Module Type": "Hardware", "Validation Date": "09/19/201311/01/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2002.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2002", "detail_available": true, "module_name": "Cisco Catalyst 6503-E, Catalyst C6504-E, Catalyst 6506-E, Catalyst 6509-E and Catalyst 6513-E Switches with Supervisor Cards (VS-S2T-10G and VS-S2T-10G-XL) and Line Cards (WS-X6908-10G, WS-X6908-10G-2TXL, WS-X6904-40G-2T and WS-X6904-40G-2TXL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels and security devices installed on the initially built configurations as indicated in Table 1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco switches easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2001", "Certificate Number": "2001", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ProtectDrive Cryptographic Engine", "Module Type": "Software", "Validation Date": "09/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2001.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2001", "detail_available": true, "module_name": "SafeNet ProtectDrive Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. For Windows 7: With module Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1328 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeNet ProtectDrive Cryptographic Engine 1.0.1 provides cryptographic services and key management for the SafeNet ProtectDrive Disk Encryption product. SafeNet ProtectDrive delivers full disk encryption for general purpose computers, laptops and removable media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2000", "Certificate Number": "2000", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ProtectDrive Cryptographic Engine", "Module Type": "Software", "Validation Date": "09/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2000.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2000", "detail_available": true, "module_name": "SafeNet ProtectDrive Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeNet ProtectDrive Cryptographic Engine 1.0.1 provides cryptographic services and key management for the SafeNet ProtectDrive Disk Encryption product. SafeNet ProtectDrive delivers full disk encryption for general purpose computers, laptops and removable media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1999", "Certificate Number": "1999", "Vendor Name": "Thales Communications, Inc.", "Module Name": "Liberty™ Cryptographic Module", "Module Type": "Firmware", "Validation Date": "09/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1999.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1999", "detail_available": true, "module_name": "Liberty™ Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS Mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Liberty™ Cryptographic Module is a firmware stand alone executable module which provides FIPS 140-2 Level 1 certified cryptographic functionality for devices that utilize the APCO project 25 standard. The Liberty™ Cryptographic Module uses Green Hills Integrity™ address space seperation to provide secure isolation of the cryptographic module without requiring a separate cryptographic hardware module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1998", "Certificate Number": "1998", "Vendor Name": "Motorola Mobility LLC", "Module Name": "Motorola Mobility Linux Kernel Software Cryptographic Module", "Module Type": "Software", "Validation Date": "09/17/201301/03/201404/17/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1998.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1998", "detail_available": true, "module_name": "Motorola Mobility Linux Kernel Software Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "No assurance of the minimum strength of provided entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Motorola Mobility Linux Kernel Software Cryptographic Module is a software only Linux kernel cryptographic module intended to operate on a multi-chip standalone personal mobile device running Android. It provides general-purpose cryptographic services to the remainder of the Linux kernel. It is designed to operate at FIPS 140-2 overall security level 1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1997", "Certificate Number": "1997", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point CryptoCore", "Module Type": "Software", "Validation Date": "09/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1997.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1997", "detail_available": true, "module_name": "Check Point CryptoCore", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Check Point Crypto Core is a 140-2 Level 1 cryptographic module for Windows 7, Mac OS X, and UEFI firmware. The module provides cryptographic services accessible in pre-boot mode, kernel mode and user mode on the respective platforms through implementation of platform specific binaries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1996", "Certificate Number": "1996", "Vendor Name": "Fixmo, Inc.", "Module Name": "Fixmo Client Crypto Module", "Module Type": "Software", "Validation Date": "09/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1996.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1996", "detail_available": true, "module_name": "Fixmo Client Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fixmo Client Crypto Module provides cryptographic functions for Fixmo client applications and solutions.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "DSA", "ECDSA", "HMAC", "KAS", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1995", "Certificate Number": "1995", "Vendor Name": "Oracle Corporation", "Module Name": "Sun Crypto Accelerator 6000", "Module Type": "Hardware", "Validation Date": "09/11/201312/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1995.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1995", "detail_available": true, "module_name": "Sun Crypto Accelerator 6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SCA-6000 is a high performance hardware security module for Sun SPARC, x86, x64 platforms in a low-profile, short PCI-E (X8) card. Supported on Linux and Solaris-10, it provides on-board cryptographic acceleration hardware and key store. It supports remote management with serial and USB ports for local administration. It enhances performance by off-loading compute intensive cryptographic calculations, accelerating IPsec and SSL processing and performs many financial service functions. The SCA6000 performs primary cryptographic functions for the Sun KMS 2.X Key Management System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1994", "Certificate Number": "1994", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C", "Module Type": "Software", "Validation Date": "08/27/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1994.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1994", "detail_available": true, "module_name": "IBM® Crypto for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Crypto for C v8.2.2.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable by applications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1993", "Certificate Number": "1993", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Java JCE FIPS 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "08/27/201305/29/201503/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1993.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1993", "detail_available": true, "module_name": "IBM® Java JCE FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for Multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework that is part of all JVM's at the 1.6 level and higher." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1992", "Certificate Number": "1992", "Vendor Name": "TecSec Incorporated", "Module Name": "TecSec Armored Card - Contact Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/19/201302/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1992.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1992", "detail_available": true, "module_name": "TecSec Armored Card - Contact Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 9. No assurance of Secure Channel Protocol (SCP) message integrity", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The TecSec Armored Card is a cryptographic module which provides enterprise personnel identification, persistent data security for data in transit and at rest, with additional support for physical/logical/functional/content authorization. The Chip is part of a dual-chip PIV smart card that is fully compliant with the end-point service specified in SP800-73-1. This Contact Chip Provides 368k eprom memory leveraging a common robust identity process and additionally providing a federation platform for multiple applications from multiple owners enforced by cryptographic separation.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1991", "Certificate Number": "1991", "Vendor Name": "Stonesoft Corporation", "Module Name": "Stonesoft Cryptographic Kernel Module", "Module Type": "Software", "Validation Date": "08/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1991.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1991", "detail_available": true, "module_name": "Stonesoft Cryptographic Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general cryptographic services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1990", "Certificate Number": "1990", "Vendor Name": "Ultra Stereo Labs, Inc.", "Module Name": "IMB-1000 HFR and IMB-1200 HFR Secure Media Blocks", "Module Type": "Hardware", "Validation Date": "08/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1990.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1990", "detail_available": true, "module_name": "IMB-1000 HFR and IMB-1200 HFR Secure Media Blocks", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Image Media Block is a type of Secure Processing Block that contains a Security Manager, Image, Audio and Subtitle Media Decryptors, Image decoder, Image and Audio Forensic Marking (FM) and optional Link Encoder. It is used for playback of encrypted movie content in commercial cinemas." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1989", "Certificate Number": "1989", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "08/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1989.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1989", "detail_available": true, "module_name": "Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module. The primitive provider functionality is offered through one cryptographic module, BCRYPT.DLL (version 7.00.1687), subject to FIPS-140-2 validation. BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Embedded Compact 7 components and applications running on Windows Embedded Compact 7." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1988", "Certificate Number": "1988", "Vendor Name": "Senetas Corporation Ltd. and SafeNet Inc.", "Module Name": "CN6000 Series Encryptors", "Module Type": "Hardware", "Validation Date": "08/13/201309/16/201302/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1988.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1988", "detail_available": true, "module_name": "CN6000 Series Encryptors", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN6000 Series is a high-speed hardware encryption platform designed to secure data transmitted over Ethernet and Fibre Channel networks. The CN6040 is protocol selectable operating at line rates up to 4Gb/s. Configured in Ethernet mode the CN6040 supports optical and twisted-pair link rates of 10Mb/s, 100Mb/s & 1Gb/s whilst in Fibre Channel mode supports rates of 1.0625, 2.125 & 4.25Gb/s. The CN6100 is an Ethernet model that operates at a line rate of 10Gb/s. SafeNet, Inc. makes Senetas products available globally under a master distribution agreement and are co-branded as such." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1987", "Certificate Number": "1987", "Vendor Name": "Stanley Security Solutions, Inc.", "Module Name": "Wi-Q Portal Gateway", "Module Type": "Hardware", "Validation Date": "08/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1987.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1987", "detail_available": true, "module_name": "Wi-Q Portal Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Stanley Wi-Q Portal Gateway Cryptographic Module is a wireless gateway device that communicates via wired network to the Stanley Wi-Q Communications Server and communicates via proprietary 802.15.4 protocol to wireless Stanley Wi-Q Controller modules. The Stanley Wi-Q Portal Gateway provides secure key retrieval and key transfer functions within the Stanley Wi-Q Wireless Access Control System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1986", "Certificate Number": "1986", "Vendor Name": "TecSec Incorporated", "Module Name": "TecSec Armored Card - Contactless Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/09/201302/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1986.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1986", "detail_available": true, "module_name": "TecSec Armored Card - Contactless Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 9. No assurance of Secure Channel Protocol (SCP) message integrity", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The TecSec Armored Card is a cryptographic module which provides enterprise personnel identification, persistent data security for data in transit and at rest, with additional support for physical/logical/functional/content authorization. The Chip is part of a dual-chip PIV smart card that is fully compliant with the end-point service specified in SP800-73-1. This Chip provides the contactless functionality leveraging a common robust identity process in support of the federation platform capabilities of the overall card.", "algorithms": [ "AES", "CVL", "DES", "DRBG", "ECDSA", "HMAC", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1985", "Certificate Number": "1985", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung FIPS BC for Mobile Phone and Tablet", "Module Type": "Software", "Validation Date": "07/23/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1985.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1985", "detail_available": true, "module_name": "Samsung FIPS BC for Mobile Phone and Tablet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data in transit." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1984", "Certificate Number": "1984", "Vendor Name": "SafeNet, Inc.", "Module Name": "eToken", "Module Type": "Hardware", "Validation Date": "07/23/201301/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1984.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1984", "detail_available": true, "module_name": "eToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "No assurance of Secure Channel Protocol (SCP) message integrity", "module_type": "Hardware", "embodiment": "Single-chip", "description": "SafeNet eToken is a portable two-factor USB authenticator with advanced smart card technology. It utilizes certificate based technology to generate and store credentials, such as private keys, passwords and digital certificates inside the protected environment of the smart card chip. To authenticate, users must supply both their personal SafeNet authenticator and password, providing a critical second level of security beyond simple passwords to protect valuable digital business resources.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1983", "Certificate Number": "1983", "Vendor Name": "A10 Networks, Inc.", "Module Name": "AX Series Advanced Traffic Manager AX2500, AX2600-GCF, AX3000-11-GCF, AX5100, AX5200-11, AX1030, AX3030, AX3400, AX3200-12, AX3530 and AX5630, and Thunder Series Application Delivery Controller TH1030S, TH3030S, TH5430S, and TH6430S", "Module Type": "Hardware", "Validation Date": "07/23/201312/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1983.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1983", "detail_available": true, "module_name": "AX Series Advanced Traffic Manager AX2500, AX2600-GCF, AX3000-11-GCF, AX5100, AX5200-11, AX1030, AX3030, AX3400, AX3200-12, AX3530 and AX5630, and Thunder Series Application Delivery Controller TH1030S, TH3030S, TH5430S, and TH6430S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices. AX Series standard redundant components and high availability design ensure organizations non-stop service availability for all types of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1982", "Certificate Number": "1982", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 4503-E, Catalyst 4506-E, Catalyst 4507R-E, Catalyst 4507R+E, Catalyst 4510R-E, Catalyst 4510R+E with Supervisor Cards (WS-X45-SUP7-E and WS-X45-Sup7L-E) and Line Cards (WS-X4748-RJ45V+E, WS-X4712-SFP+E, WS-X4640-CSFP-E, WS-X4748-NGPOE+E, and WS-X4748-RJ45-E)", "Module Type": "Hardware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1982.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1982", "detail_available": true, "module_name": "Cisco Catalyst 4503-E, Catalyst 4506-E, Catalyst 4507R-E, Catalyst 4507R+E, Catalyst 4510R-E, Catalyst 4510R+E with Supervisor Cards (WS-X45-SUP7-E and WS-X45-Sup7L-E) and Line Cards (WS-X4748-RJ45V+E, WS-X4712-SFP+E, WS-X4640-CSFP-E, WS-X4748-NGPOE+E, and WS-X4748-RJ45-E)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Catalyst 4500 Series switches are Cisco`s leading modular switches for borderless access and price/performance distribution deployments. They offer best-in-class investment protection with forward and backward compatibility and deep application visibility with Flexible NetFlow. The Catalyst 4500 Series Switches meet FIPS 140-2 overall Level 2 requirements as multi-chip standalone modules. The switches include cryptographic algorithms implemented in IOS software as well as hardware ASICs. The module provides 802.1X-rev." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1981", "Certificate Number": "1981", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender 2000™ Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1981.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1981", "detail_available": true, "module_name": "Kanguru Defender 2000™ Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender 2000 Cryptographic Module is a 256-bit AES hardware encrypted USB flash drive. It is used to securely store sensitive data housed on the device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1980", "Certificate Number": "1980", "Vendor Name": "Cocoon Data Holdings Limited", "Module Name": "Cocoon Data Secure Objects C++ Cryptographic Module Version 1.8", "Module Type": "Software", "Validation Date": "07/17/201308/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1980.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1980", "detail_available": true, "module_name": "Cocoon Data Secure Objects C++ Cryptographic Module Version 1.8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cocoon Data Secure Objects C++ Cryptographic Module Version 1.8 has been implemented as part of the Cocoon Data Secure Objects solution, an encryption-based access control system for protecting the confidentiality and integrity of electronic files. Coccon Data Holdings Limited is the parent company of all Covata entities.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1979", "Certificate Number": "1979", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Provider-1", "Module Type": "Firmware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1979.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1979", "detail_available": true, "module_name": "Provider-1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point Provider 1 technology provides virtualized security management, segmenting your security management into multiple virtual domains. Businesses of all sizes can easily create virtual domains based on geography, business unit or security function to strengthen security and simplify management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1978", "Certificate Number": "1978", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Security Management", "Module Type": "Firmware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1978.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1978", "detail_available": true, "module_name": "Security Management", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point Security Management technology provides security management. Businesses of all sizes can easily create domains based on geography, business unit or security function to strengthen security and simplify management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1977", "Certificate Number": "1977", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Security Gateway", "Module Type": "Firmware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1977.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1977", "detail_available": true, "module_name": "Security Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point VPN-1 Security Gateway allows enterprises and managed service providers to provide firewall, VPN, and intrusion prevention functionality on a single hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1976", "Certificate Number": "1976", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VSX", "Module Type": "Firmware", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1976.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1976", "detail_available": true, "module_name": "VSX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point VPN-1 Power VSX is a virtualized security gateway that allows virtualized enterprises and managed service providers to create up to 250 virtual systems (firewall, VPN, and intrusion prevention functionality within a virtual network environment) on a single, highly scalable hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1975", "Certificate Number": "1975", "Vendor Name": "Accellion, Inc.", "Module Name": "Accellion Cryptographic Module", "Module Type": "Software", "Validation Date": "07/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1975.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1975", "detail_available": true, "module_name": "Accellion Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Accellion Cryptographic Module is a key component of Accellion's secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1974", "Certificate Number": "1974", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/29/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1974.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1974", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Single-chip" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1973", "Certificate Number": "1973", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Virtual Appliance for Crossbeam XOS", "Module Type": "Software", "Validation Date": "07/10/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1973.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1973", "detail_available": true, "module_name": "McAfee Firewall Enterprise Virtual Appliance for Crossbeam XOS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1972", "Certificate Number": "1972", "Vendor Name": "Chunghwa Telecom Laboratories", "Module Name": "HiPKI SafGuard 1200 HSM", "Module Type": "Hardware", "Validation Date": "07/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1972.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1972", "detail_available": true, "module_name": "HiPKI SafGuard 1200 HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HiPKI SafGuard 1200 HSM is a multi-chip standalone cryptographic module that is used to provide highly-secure cryptographic services and key storage for PKI applications. (e.g., secure private key storage, high-speed accelerator for 1024-4096 bit RSA and ECDSA signatures, and hashing). The HiPKI SafGuard 1200 HSM provides secure identity-based authentication using smart cards and data encryption using FIPS approved Triple-DES and AES encryption.", "algorithms": [ "AES", "DES", "DRBG", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1971", "Certificate Number": "1971", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-520 Secure Access Point Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/03/201302/26/201603/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1971.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1971", "detail_available": true, "module_name": "3e-520 Secure Access Point Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 3e-520 Secure Access Point acts as an access point for the universal wireless family of devices from 3eTI. The 520 board is installed inside the wireless devices and provides the cryptographic functionality for the device. The access point allows for wireless clients or wireless bridges to securely connect wirelessly with the module and send encrypted data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1970", "Certificate Number": "1970", "Vendor Name": "iStorage Limited", "Module Name": "iStorage FIPS Module 140-2", "Module Type": "Hardware", "Validation Date": "07/02/201309/30/201506/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1970.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1970", "detail_available": true, "module_name": "iStorage FIPS Module 140-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The iStorage FIPS 140-2 Module is a flexible FIPS module with the ability to interface to multiple types of authentication or hardware. Completely contained within a small footprint/boundary, the module is designed to allow simple integration into various secure storage systems requiring a FIPS validated encryption boundary and does not require software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1969", "Certificate Number": "1969", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Authentication Token", "Module Type": "Hardware", "Validation Date": "06/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1969.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1969", "detail_available": true, "module_name": "Authentication Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "No assurance of Secure Channel Protocol (SCP) message integrity", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Authentication Token is a Cryptographic Module containing Thales' authenticated Java applets. Authentication Token is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. Authentication Token supports FIPS-Approved: DRBG; SHA-1 and all SHA-2; TDES; AES; ECDSA and ECC CDC; and, RSA and ECC key generation. Authentication Token is designed to provide users of Thales' hardware security modules with high-performance smart card capabilities in support of their government and enterprise applications.", "algorithms": [ "AES", "DRBG", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1968", "Certificate Number": "1968", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal mRevenector CA 2012", "Module Type": "Hardware", "Validation Date": "06/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1968.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1968", "detail_available": true, "module_name": "Postal mRevenector CA 2012", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia Postal mRevenector CA 2012 employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal mRevenector CA 2012 has been designed in compliance with the Canadian Postal Specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1967", "Certificate Number": "1967", "Vendor Name": "Telephonics Sweden AB", "Module Name": "TruLink Control Logic Module CL6882-M1", "Module Type": "Hardware", "Validation Date": "06/26/201307/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1967.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1967", "detail_available": true, "module_name": "TruLink Control Logic Module CL6882-M1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1966", "Certificate Number": "1966", "Vendor Name": "Gemalto", "Module Name": "IDCore 30", "Module Type": "Hardware", "Validation Date": "06/21/201307/05/201308/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1966.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1966", "detail_available": true, "module_name": "IDCore 30", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The IDCore 30 is a part of Gemalto's IDCore family of Java Cards and offers a comprehensive array of features and options for logical and physical access control applications. IDCore 30 is a highly secure platform for private and public sector smart card deployments implementing Java Card 2.2.2 and Global Platform 2.1.1 / 2.2 Amdt D specifications. IDCore 30 is ideally suited for markets such as Identity or Security/Access, including one-time password authentication, Public Key Infrastructure (PKI) services, digital transactions and physical access control.", "algorithms": [ "AES", "DES", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1965", "Certificate Number": "1965", "Vendor Name": "Apricorn, Inc.", "Module Name": "Apricorn FIPS Module 140-2", "Module Type": "Hardware", "Validation Date": "06/14/201304/16/201406/27/201410/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1965.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1965", "detail_available": true, "module_name": "Apricorn FIPS Module 140-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The Apricorn FIPS 140-2 Module is a flexible FIPS module with the ability to interface to multiple types of authentication or hardware. Completely contained within a small footprint/boundary, the module is designed to allow simple integration into various secure storage systems requiring a FIPS validated encryption boundary and does not require software. The Apricorn FIPS 140-2 Module is used in the Aegis Fortress, Padlock DT FIPS, and the Padlock SSD families." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1964", "Certificate Number": "1964", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Module, v3.0", "Module Type": "Software", "Validation Date": "06/14/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1964.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1964", "detail_available": true, "module_name": "Apple OS X CoreCrypto Module, v3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1963", "Certificate Number": "1963", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Module, v3.0", "Module Type": "Software-Hybrid", "Validation Date": "06/14/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1963.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1963", "detail_available": true, "module_name": "Apple iOS CoreCrypto Module, v3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1962", "Certificate Number": "1962", "Vendor Name": "ACES", "Module Name": "Tahir Pak Crypto Library", "Module Type": "Software", "Validation Date": "06/14/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1962.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1962", "detail_available": true, "module_name": "Tahir Pak Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 6.1. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "TPCL (Tahir Pak Crypto Library) is a software cryptographic module which provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API).", "algorithms": [ "AES", "DRBG", "DSA", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1961", "Certificate Number": "1961", "Vendor Name": "Telephonics Sweden AB", "Module Name": "TruLink Control Logic Module CL6792-M1", "Module Type": "Hardware", "Validation Date": "06/14/201307/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1961.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1961", "detail_available": true, "module_name": "TruLink Control Logic Module CL6792-M1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1960", "Certificate Number": "1960", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Virtual Appliance for VMware ESXi 4.1", "Module Type": "Software", "Validation Date": "06/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1960.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1960", "detail_available": true, "module_name": "McAfee Firewall Enterprise Virtual Appliance for VMware ESXi 4.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 3.1", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1959", "Certificate Number": "1959", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point CryptoCore", "Module Type": "Software", "Validation Date": "06/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1959.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1959", "detail_available": true, "module_name": "Check Point CryptoCore", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Check Point Crypto Core is a 140-2 Level 1 cryptographic module for Windows 7, Mac OS X, and UEFI firmware. The module provides cryptographic services accessible in pre-boot mode, kernel mode and user mode on the respective platforms through implementation of platform specific binaries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1958", "Certificate Number": "1958", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® G5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/11/201308/07/201501/22/201605/12/201601/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1958.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1958", "detail_available": true, "module_name": "Luna® G5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1957", "Certificate Number": "1957", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® G5 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/11/201308/07/201501/12/201601/14/201601/22/201605/12/201601/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1957.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1957", "detail_available": true, "module_name": "Luna® G5 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1956", "Certificate Number": "1956", "Vendor Name": "Apple Inc.", "Module Name": "Apple OS X CoreCrypto Kernel Module, v3.0", "Module Type": "Software", "Validation Date": "06/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1956.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1956", "detail_available": true, "module_name": "Apple OS X CoreCrypto Kernel Module, v3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1955", "Certificate Number": "1955", "Vendor Name": "Kony, Inc.", "Module Name": "Kony Cryptographic Library", "Module Type": "Software", "Validation Date": "06/03/201308/23/201309/16/201305/16/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1955.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1955", "detail_available": true, "module_name": "Kony Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kony Cryptographic Library is a full featured cryptographic module used in Kony mobile and multi-channel application platforms and the KonyOne™ Platform.", "algorithms": [ "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1954", "Certificate Number": "1954", "Vendor Name": "ViaSat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/30/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1954.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1954", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seal installed as indicated in the Security Policy for the optional ESEM feature", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Enhanced Bandwidth Efficient Modem (EBEM) is a high-performance multi-input/multi-output SCPC satellite modulator/demodulator that converts multiple baseband digital input signals into multiple waveform intermediate frequencies (IF) and vice-versa.The EBEM provides extensive backwards compatibility with fielded modem and crypto technology, while adding high-order terminal modulation and Turbo coding to further enhance bandwidth efficiency." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1953", "Certificate Number": "1953", "Vendor Name": "NXP Semiconductors", "Module Name": "NXP JCOP 2.4.2 R2", "Module Type": "Hardware", "Validation Date": "05/23/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1953.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1953", "detail_available": true, "module_name": "NXP JCOP 2.4.2 R2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "NXP J3D081, J2D081, J3D145, J2D145 Secure Smart Card Controller Revision 2", "algorithms": [ "AES", "CVL", "DES", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1952", "Certificate Number": "1952", "Vendor Name": "3S Group Incorporated", "Module Name": "3S Group Cryptographic Module (3SGX)", "Module Type": "Hardware", "Validation Date": "05/23/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1952.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1952", "detail_available": true, "module_name": "3S Group Cryptographic Module (3SGX)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "3SGX is a high performance embedded PCIe cryptographic module that provides complete cryptographic support to hundreds of concurrent users and/or applications. Each user/application is authenticated twice before accessing its own symmetric and asymmetric keys and certificates. All cryptographic and key management operations are performed within the Hardware Security Module (HSM). 3SGX HSM is the core of 3S Group's hardware security appliances. Available in a range of models and configurations and high-level APIs, it is ideal for enterprise key management, virtualization and cloud server soluti" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1951", "Certificate Number": "1951", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-80C [1], FortiGate-110C [2], FortiGate-60C [3] and FortiWiFi-60C [4]", "Module Type": "Hardware", "Validation Date": "05/23/201311/08/201306/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1951.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1951", "detail_available": true, "module_name": "FortiGate-80C [1], FortiGate-110C [2], FortiGate-60C [3] and FortiWiFi-60C [4]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1950", "Certificate Number": "1950", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1000C [1], FortiGate-1240B [2] and FortiGate-3140B [3]", "Module Type": "Hardware", "Validation Date": "05/23/201311/08/201306/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1950.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1950", "detail_available": true, "module_name": "FortiGate-1000C [1], FortiGate-1240B [2] and FortiGate-3140B [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1948", "Certificate Number": "1948", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "05/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1948.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1948", "detail_available": true, "module_name": "Samsung OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data in transit." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1947", "Certificate Number": "1947", "Vendor Name": "TrellisWare Technologies Inc.", "Module Name": "TW-230 (CheetahNet II)", "Module Type": "Hardware", "Validation Date": "05/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1947.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1947", "detail_available": true, "module_name": "TW-230 (CheetahNet II)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TW-230 combines the high data rate capability of TrellisWare's Tactical Scalable MANET-Enhanced (TSM-E) waveform with narrowband VHF/UHF AM/FM voice. TW-230 provides a robust highly scalable self-forming, self-healing wideband networked waveform transparent to the operator. The TW-230 supports multi-channel push to talk (PTT) voice, IP data, position location information (PLI) tracking, and remote operation of live streaming video. The TW-230 can also be operated in plaintext narrowband voice modes that allow it to interoperate with most other standard AM/FM PTT radios." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1946", "Certificate Number": "1946", "Vendor Name": "TrellisWare Technologies Inc.", "Module Name": "TW-400 (CUB)", "Module Type": "Hardware", "Validation Date": "05/14/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1946.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1946", "detail_available": true, "module_name": "TW-400 (CUB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TW-400 is a small form factor software defined radio that employs an enhanced version of TrellisWare's Tactical Scalable MANET waveform (TSM-E) and is capable of robust operation at high data rate modes. The TW-400 supports multi-channel push to talk (PTT) voice, IP data, network level position location information (PLI) tracking, sleep functions for long term sensing applications, IP gateway features and remote operation of live streaming video sources for networked sensing missions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1945", "Certificate Number": "1945", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/10/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1945.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1945", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Single-chip" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1944", "Certificate Number": "1944", "Vendor Name": "Apple Inc.", "Module Name": "Apple iOS CoreCrypto Kernel Module, v3.0", "Module Type": "Software", "Validation Date": "05/03/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1944.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1944", "detail_available": true, "module_name": "Apple iOS CoreCrypto Kernel Module, v3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1943", "Certificate Number": "1943", "Vendor Name": "VT iDirect, Inc.", "Module Name": "Evolution e8350™ - Satellite Router [1], iConnex e800™ - Satellite Router Board [2], iConnex e850MP™ Satellite Router Board [3], iConnex e850MP™ - IND Satellite Router Board [4], iConnex e850MP™ - IND with Heat Sink Satellite Router Board [5], Evolution eM1D1™ Line Card [6] and Evolution eM0DM™", "Module Type": "Hardware", "Validation Date": "05/02/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1943.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1943", "detail_available": true, "module_name": "Evolution e8350™ - Satellite Router [1], iConnex e800™ - Satellite Router Board [2], iConnex e850MP™ Satellite Router Board [3], iConnex e850MP™ - IND Satellite Router Board [4], iConnex e850MP™ - IND with Heat Sink Satellite Router Board [5], Evolution eM1D1™ Line Card [6] and Evolution eM0DM™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "iDirect's AES-based bidirectional TRANSEC, combined with other system features such as cutting-edge coding techniques, acceleration and compression provides a fully integrated IP networking solution where security, performance and bandwidth efficiency are critical", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1942", "Certificate Number": "1942", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst C4500X-32SFP+ and Catalyst C4500X-F-32SFP+", "Module Type": "Hardware", "Validation Date": "05/02/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1942.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1942", "detail_available": true, "module_name": "Cisco Catalyst C4500X-32SFP+ and Catalyst C4500X-F-32SFP+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The fixed-aggregation Cisco Catalyst 4500-X Series Switches deliver best-in-class scalability, simplified network virtualization, and integrated network services for space-constrained environments in campus networks. The Catalyst 4500-X switches provide a secure and manageable platform that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1941", "Certificate Number": "1941", "Vendor Name": "IBM Internet Security Systems, Inc.", "Module Name": "Proventia GX Series Security Appliances", "Module Type": "Hardware", "Validation Date": "04/30/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1941.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1941", "detail_available": true, "module_name": "Proventia GX Series Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode when installed with Firmware v4.3 and with the tamper evidence seals installed as indicated in the Security Policy. No assurance of module integrity when operating in non-FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IBM Proventia Network Intrusion Prevention System (IPS) stops Internet threats before they impact your business and delivers protection to all three layers of the network: core, perimeter and remote segments. Preemptive protection, or protection that works ahead of the threat, is available from IBM Internet Security Systems through its proprietary combination of line-speed performance, security intelligence and a modular protection engine that enables security convergence." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1940", "Certificate Number": "1940", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "IOS Common Cryptographic Module (IC2M)", "Module Type": "Firmware", "Validation Date": "04/30/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1940.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1940", "detail_available": true, "module_name": "IOS Common Cryptographic Module (IC2M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1939", "Certificate Number": "1939", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiCOS PKI Native Smart Card", "Module Type": "Hardware", "Validation Date": "04/30/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1939.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1939", "detail_available": true, "module_name": "HiCOS PKI Native Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HiCOS PKI native smart card module is a single chip implementation of a cryptographic module. The HiCOS PKI native smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The module consists of the chip (ICC), the contact faceplate, and the electronic connectors between the chip and contact pad, all contained within an epoxy substrate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1937", "Certificate Number": "1937", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec App Center Cryptographic Module", "Module Type": "Software", "Validation Date": "04/30/201302/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1937.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1937", "detail_available": true, "module_name": "Symantec App Center Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec App Center Cryptographic Module Version 1.0 provides cryptographic functions for Symantec App Center, a scalable solution for deploying and managing native and web apps on corporate-liable and employee-owned mobile devices.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1936", "Certificate Number": "1936", "Vendor Name": "Mxtran Inc.", "Module Name": "Mxtran Payeeton Solution", "Module Type": "Hardware", "Validation Date": "04/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1936.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1936", "detail_available": true, "module_name": "Mxtran Payeeton Solution", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Mxtran Payeeton Solution of Mxtran Inc. acts as a flexible platform for diversified mobile commerce services, allowing Mxtran clients to support both proximity payment and mobile payment via Short Message Service for prepaid, online paid and post-paid services including e-ticketing, e-coupons, access control, membership management and more. Mxtran leverages extensive integrated circuit expertise to deliver highly customizable, portable applications and payment services in a single handset." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1935", "Certificate Number": "1935", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5915 Embedded Services Routers", "Module Type": "Hardware", "Validation Date": "04/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1935.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1935", "detail_available": true, "module_name": "Cisco 5915 Embedded Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cisco 5915 ESR is a high-performance, ruggedized router designed for use in harsh environments-offering reliable operation in extreme temperatures and under shock and vibration conditions typical for mobile applications in rugged terrain. With onboard hardware encryption, the Cisco 5915 ESR offloads encryption processing from the routing engine to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1934", "Certificate Number": "1934", "Vendor Name": "VT iDirect, Inc.", "Module Name": "Evolution e8350™ - FIPSL2 Satellite Router [1], iConnex e800™ - FIPSL2 Satellite Router Board [2], iConnex e850MP™ - FIPSL2 Satellite Router Board [3], Evolution eM1D1™ - FIPSL2 Line Card [4] and Evolution eM0DM™ - FIPSL2 Line Card [5]", "Module Type": "Hardware", "Validation Date": "04/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1934.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1934", "detail_available": true, "module_name": "Evolution e8350™ - FIPSL2 Satellite Router [1], iConnex e800™ - FIPSL2 Satellite Router Board [2], iConnex e850MP™ - FIPSL2 Satellite Router Board [3], Evolution eM1D1™ - FIPSL2 Line Card [4] and Evolution eM0DM™ - FIPSL2 Line Card [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "iDirect's AES-based bidirectional TRANSEC, combined with other system features such as cutting-edge coding techniques, acceleration and compression provides a fully integrated IP networking solution where security, performance and bandwidth efficiency are critical", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1933", "Certificate Number": "1933", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 dm-crypt Cryptographic Module", "Module Type": "Software", "Validation Date": "04/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1933.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1933", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 dm-crypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758, Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module validated to FIPS 140-2 under Cert. #1901, Red Hat Enterprise Linux 6.2 Libgcrypt Cryptographic Module validated to FIPS 140-2 under Cert. #1757 and NSS Cryptographic Module validated to FIPS 140-2 under Cert. #1837, each module shall be obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policies specifies the precise RPM file containing each module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Device-mapper is an infrastructure in the Linux kernel that provides a generic way to create virtual layers of block devices on top of real block devices. dm-crypt is a device-mapper target that provides transparent encryption of block devices using the Kernel Crypto API shipped with RHEL 6.2. The user can specify one of the symmetric ciphers, a key (of any allowed size), an IV generation mode which allows the user to create a new block device in /dev. Writes to this device will be encrypted and reads decrypted transparent to the user." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1932", "Certificate Number": "1932", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances", "Module Type": "Hardware", "Validation Date": "04/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1932.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1932", "detail_available": true, "module_name": "Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "Validated when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy and when operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1931", "Certificate Number": "1931", "Vendor Name": "INSIDE Secure", "Module Name": "SafeZone FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "04/08/201305/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1931.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1931", "detail_available": true, "module_name": "SafeZone FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1930", "Certificate Number": "1930", "Vendor Name": "SUSE Linux Products GmbH", "Module Name": "OpenSSL Module", "Module Type": "Software", "Validation Date": "04/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1930.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1930", "detail_available": true, "module_name": "OpenSSL Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy. When installed, initialized and configured as specified in the security policy section 9.1", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL Module is a software library supporting FIPS 140-2 -approved cryptographic algorithms for the purposes of protecting data in transit and at rest on the SUSE Linux platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1929", "Certificate Number": "1929", "Vendor Name": "Dell Software, Inc.", "Module Name": "SRA EX9000", "Module Type": "Hardware", "Validation Date": "04/08/201304/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1929.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1929", "detail_available": true, "module_name": "SRA EX9000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Mobile enterprises with hundreds or even thousands of mobile users can enjoy secure, easy-to-manage remote access with the Dell SonicWALL Aventail® E-Class Secure Remote Access (SRA) EX9000 appliance. This clientless SSL VPN solution increases user productivity and maximizes IT control by providing authorized access to any application from a broad range of cross-platform devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1928", "Certificate Number": "1928", "Vendor Name": "Christie Digital Systems Canada Inc.", "Module Name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "Module Type": "Hardware", "Validation Date": "04/08/201304/19/201307/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1928.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1928", "detail_available": true, "module_name": "Christie IMB-S2 4K Integrated Media Block (IMB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Christie IMB-S2 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a 2K or 4K DLP Series-II digital cinema projector. The IMB-S2 utilizes an integrated SMS and permits the playback of alternative content and High Frame Rate (HFR) material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1927", "Certificate Number": "1927", "Vendor Name": "Feitian Technologies Co., Ltd.", "Module Name": "FEITIAN-FIPS-COS", "Module Type": "Hardware", "Validation Date": "04/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1927.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1927", "detail_available": true, "module_name": "FEITIAN-FIPS-COS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "FEITIAN-FIPS-COS, is both an integrated circuit and an operating system, and has been developed to support their ePass series USB1 tokens. These tokens are designed to provide strong authentication and identification and to support network logon, secure online transactions, digital signatures, and sensitive data protection. The FEITIAN-FIPS-COS provides all cryptographic functionality for their ePass line of products. ePass supports dual-factor authentication with an ISO27816-12 USB interface for the PC host connection acting as a smart card reader.", "algorithms": [ "AES", "DES", "DRBG", "KDF", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1926", "Certificate Number": "1926", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/08/201312/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1926.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1926", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Single-chip" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1925", "Certificate Number": "1925", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Key Management Module", "Module Type": "Software", "Validation Date": "04/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1925.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1925", "detail_available": true, "module_name": "Samsung Key Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose key management services to user-space applications on the mobile platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1924", "Certificate Number": "1924", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP MSR30/50 Routers with Encryption Accelerator Modules", "Module Type": "Hardware", "Validation Date": "03/26/201310/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1924.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1924", "detail_available": true, "module_name": "HP MSR30/50 Routers with Encryption Accelerator Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP MSR30/50 provides devices are suitable for a range of uses: core routers on small and medium enterprise networks, access routers for network branches on some large-sized enterprise networks, regional offices, and mid-sized businesses. Each device is based on the Comware 5.2 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1923", "Certificate Number": "1923", "Vendor Name": "Crossbeam Systems, Inc.", "Module Name": "X60 and X80-S Platforms", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1923.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1923", "detail_available": true, "module_name": "X60 and X80-S Platforms", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Crossbeam’s X-Series network security platform offers enterprises, service providers and governments an open, high-performance architecture that easily scales multiple security applications to meet changing security threats. Crossbeam intelligently manages risk and protects businesses from evolving threats.", "algorithms": [ "AES", "DES", "DSA", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1922", "Certificate Number": "1922", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "03/22/201305/16/201301/01/201401/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1922.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1922", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1921", "Certificate Number": "1921", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1921.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1921", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1920", "Certificate Number": "1920", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1920.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1920", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1919", "Certificate Number": "1919", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1919.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1919", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1918", "Certificate Number": "1918", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 7600 Series Routers with Supervisor RSP720", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1918.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1918", "detail_available": true, "module_name": "Cisco 7600 Series Routers with Supervisor RSP720", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "Validated when tamper evident labels are installed as indicated in the Security Policy and when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 7600-S Router is a compact, high-performance router designed in 3, 4, 6, 9 and 13-slot form factor for deployment at the network edge, where robust performance and IP/Multiprotocol Label Switching (MPLS) services are necessary to meet the requirements of both enterprises and service providers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1917", "Certificate Number": "1917", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade® MLXe® and Brocade NetIron® CER Series Ethernet Routers", "Module Type": "Hardware", "Validation Date": "05/21/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1917.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1917", "detail_available": true, "module_name": "Brocade® MLXe® and Brocade NetIron® CER Series Ethernet Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed and with the configurations in Tables 8 and 13 as defined in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade MLXe series of core routers support IPv4, IPv6, MPLS and advanced Layer 2 switching. Ideally suited for service provider backbones, Metro Ethernet networks, ISPs, CDNs, IXPs, data centers, and distributed enterprises. The NetIron CER 2000 series 1 Gigabit Ethernet (GbE) routers support copper and hybrid fiber configurations with two optional 10 GbE uplink ports. All the ports support forwarding IP and MPLS packets at wire speed without oversubscription. The routers support standard IPv4, IPv6 routing protocols, RIP/RIPng, OSPF/OSPFv3, IS-IS/IS-IS for IPv6, and BGP/BGP-MP for IPv6.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1916", "Certificate Number": "1916", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1916.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1916", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Single-chip" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1915", "Certificate Number": "1915", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "03/20/201305/23/201306/21/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1915.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1915", "detail_available": true, "module_name": "Samsung Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1914", "Certificate Number": "1914", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP MSR30/50 Routers", "Module Type": "Hardware", "Validation Date": "03/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1914.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1914", "detail_available": true, "module_name": "HP MSR30/50 Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP MSR30/50 provides devices are suitable for a range of uses: core routers on small and medium enterprise networks, access routers for network branches on some large-sized enterprise networks, regional offices, and mid-sized businesses. Each device is based on the Comware 5.2 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1913", "Certificate Number": "1913", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP A-Series Routers", "Module Type": "Hardware", "Validation Date": "03/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1913.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1913", "detail_available": true, "module_name": "HP A-Series Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP A-series provides devices are suitable for a range of uses: in IP backbone networks, IP metropolitan area networks (MANs), or the core or convergence layers of large IP networks. The A-series routers provide a flexible, modular form factor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1912", "Certificate Number": "1912", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP Networking Switches", "Module Type": "Hardware", "Validation Date": "03/20/201307/31/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1912.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1912", "detail_available": true, "module_name": "HP Networking Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HP Networking Box Switches are focused on enterprise access and aggregation application or datacenter application and are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. The series includes fixed-port L2/L2+ managed Ethernet switch appliances, fixed-port L3 managed Ethernet switch appliances, and modular Ethernet switches. Each device is based on the Comware 5.2 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1911", "Certificate Number": "1911", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP A-Series Routers with VPN Firewall Module", "Module Type": "Hardware", "Validation Date": "03/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1911.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1911", "detail_available": true, "module_name": "HP A-Series Routers with VPN Firewall Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP A-series provides devices are suitable for a range of uses: in IP backbone networks, IP metropolitan area networks (MANs), or the core or convergence layers of large IP networks. The A-series routers provide a flexible, modular form factor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1910", "Certificate Number": "1910", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP Networking Switches with VPN Firewall", "Module Type": "Hardware", "Validation Date": "03/20/201307/31/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1910.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1910", "detail_available": true, "module_name": "HP Networking Switches with VPN Firewall", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HP Networking Box Switches are focused on enterprise access and aggregation application or datacenter applicationan are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. The series includes modular Ethernet switches. Each device is based on the Comware 5.2 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1909", "Certificate Number": "1909", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "Module Type": "Hardware", "Validation Date": "03/20/201305/16/201307/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1909.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1909", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM2 Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM2 Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1908", "Certificate Number": "1908", "Vendor Name": "Panzura, Inc.", "Module Name": "Panzura Cryptographic Module 4.2", "Module Type": "Software", "Validation Date": "03/20/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1908.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1908", "detail_available": true, "module_name": "Panzura Cryptographic Module 4.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Panzura Cryptographic Module provides validated cryptographic services for multiple Panzura products.", "algorithms": [ "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1907", "Certificate Number": "1907", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet® CAP3602E and CAP3602I Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "03/14/201305/03/201305/16/201307/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1907.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1907", "detail_available": true, "module_name": "Cisco Aironet® CAP3602E and CAP3602I Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet® 3600 Series sustains reliable connections at higher speeds further from the access point than competing solutions, resulting in up to three times more availability of 450 Mbps rates, and optimizing the performance of more mobile devices. Cisco Aironet® 3600 Series is an innovative, modular platform that offers unparalleled investment protection with future module expansion to support incoming 802.11ac clients with 870 Mbps rates, or offer comprehensive security and spectrum monitoring and control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1906", "Certificate Number": "1906", "Vendor Name": "Biscom, Inc.", "Module Name": "Biscom Cryptographic Library", "Module Type": "Software", "Validation Date": "03/12/201305/06/201605/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1906.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1906", "detail_available": true, "module_name": "Biscom Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Biscom Cryptographic Library (the cryptographic module or the module) provides cryptographic security functions as Java APIs for application developers to integrate cryptographic services into Biscom applications or systems. The module is distributed only as an integrated subcomponent of the Biscom Delivery Server (BDS). The Biscom Cryptographic Library provides security functions for encryption, decryption, random number generation, hashing, getting the status of the integrity test, and running the self-tests. The library is used by the application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1905", "Certificate Number": "1905", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "03/12/201305/22/201305/31/201308/09/201311/08/201302/20/201404/03/201406/05/201409/26/201412/31/201405/08/201507/23/201512/22/201504/05/201605/24/201605/24/201605/24/201603/05/201706/22/201712/06/201707/03/201809/17/201803/25/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1905.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1905", "detail_available": true, "module_name": "Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® TCG Enterprise SSC FIPS 140 Module is embodied in Savvio®, Enterprise Performance®, Enterprise Turbo® and Constellation® model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instant user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1904", "Certificate Number": "1904", "Vendor Name": "General Dynamics Mission Systems", "Module Name": "Fortress Mesh Points", "Module Type": "Hardware", "Validation Date": "03/20/201305/17/201306/14/201306/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1904.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1904", "detail_available": true, "module_name": "Fortress Mesh Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1903", "Certificate Number": "1903", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Loadable Kernel Module", "Module Type": "Software", "Validation Date": "02/22/201303/28/201301/23/201402/20/201404/03/201411/25/201404/10/201510/15/201504/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1903.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1903", "detail_available": true, "module_name": "Mocana Cryptographic Loadable Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-Chip Stand Alone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1902", "Certificate Number": "1902", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey S250/D250", "Module Type": "Hardware", "Validation Date": "02/21/201303/08/201605/31/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1902.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1902", "detail_available": true, "module_name": "IronKey S250/D250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey S250/D250 Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA, and DRBG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1901", "Certificate Number": "1901", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "02/21/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1901.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1901", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #1837, Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs is automatically verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 6.2 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1900", "Certificate Number": "1900", "Vendor Name": "Gemalto", "Module Name": "MultiApp ID V2.1 Platform", "Module Type": "Hardware", "Validation Date": "02/21/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1900.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1900", "detail_available": true, "module_name": "MultiApp ID V2.1 Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "MultiApp V2.1 is a highly secured smartcard contact-only platform from Gemalto complying with Javacard 2.2.2 and GP 2.1.1 standards and operated on NXP P5CC081 and P5CC145 chips. Its cryptographic library implements TDES, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and RNG ANSX9.31 algorithms. This modular and flexible platform serves various needs, enabling secure data storage, identification, authentication and digital signatures (AS) with biometry control. This field-proven OS has the largest number of references in national ID programs, thus ensuring a secure investment.", "algorithms": [ "AES", "DES", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1899", "Certificate Number": "1899", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft\nWindows Storage Server 2012 BitLocker® Dump Filter (DUMPFVE.SYS)", "Module Type": "Software", "Validation Date": "09/13/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1899", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 BitLocker® Dump Filter (DUMPFVE.SYS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When installed, initialized and configured as specified in the Security Policy Section 2 with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker® Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BitLocker® Dump Filter (DUMPFVE.SYS) is the full volume encryption filter that resides in the system dump stack. Whenever the dump stack is called (in the event of a system crash or for hibernation), this filter ensures that all data is encrypted before it gets written to the disk as a dump file or hibernation file. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1898", "Certificate Number": "1898", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Surface Windows 8 Pro, and Microsoft Windows Storage Server 2012 BitLocker® Windows Resume (WINRESUME)", "Module Type": "Software", "Validation Date": "09/06/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1898", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Surface Windows 8 Pro, and Microsoft Windows Storage Server 2012 BitLocker® Windows Resume (WINRESUME)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BitLocker® Windows Resume is an operating system loader which loads the Windows OS kernel (ntoskrnl.exe) and other boot stage binary image files, as well as previous operating system state information, when Windows has been previously put into a sleep or hibernate power state. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1897", "Certificate Number": "1897", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 Code Integrity (CI.DLL)", "Module Type": "Software", "Validation Date": "09/06/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1897", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Code Integrity (CI.DLL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker® Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Code Integrity (CI.DLL) verifies the integrity of executable files, including kernel mode drivers, critical system components, and user mode cryptographic modules as they are loaded into memory from the disk. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1896", "Certificate Number": "1896", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 BitLocker® Windows OS Loader (WINLOAD)", "Module Type": "Software", "Validation Date": "09/06/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1896", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 BitLocker® Windows OS Loader (WINLOAD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BitLocker® Windows OS Loader loads the boot-critical driver and OS kernel image files. Please note that AES (Cert. #2197) is only used in the entropy source for the module. This particular instance of AES is labeled as non-compliant because it does not perform a power-up self-test. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1895", "Certificate Number": "1895", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 Boot Manager", "Module Type": "Software", "Validation Date": "09/13/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1895", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Boot Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1894", "Certificate Number": "1894", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 Enhanced Cryptographic Provider (RSAENH.DLL)", "Module Type": "Software", "Validation Date": "08/27/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1894", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Enhanced Cryptographic Provider (RSAENH.DLL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) validated to FIPS 140-2 under Cert. #1892 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Enhanced Cryptographic Provider (RSAENH.DLL) encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 validated cryptography. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1893", "Certificate Number": "1893", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)", "Module Type": "Software", "Validation Date": "09/13/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1893", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker® Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) validated to FIPS 140-2 under Cert. #1892 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 validated cryptography. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1892", "Certificate Number": "1892", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows\nStorage Server 2012 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)", "Module Type": "Software", "Validation Date": "09/06/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1892", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography. This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891", "Certificate Number": "1891", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Kernel Mode Cryptographic Primitives Library (CNG.SYS)", "Module Type": "Software", "Validation Date": "09/06/201301/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891", "detail_available": true, "module_name": "Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Kernel Mode Cryptographic Primitives Library (CNG.SYS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker® Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kernel Mode Cryptographic Primitives Library (CNG.SYS) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet). This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1890", "Certificate Number": "1890", "Vendor Name": "IBM Internet Security Systems, Inc.", "Module Name": "SiteProtector Cryptographic Module", "Module Type": "Software", "Validation Date": "02/19/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1890.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1890", "detail_available": true, "module_name": "SiteProtector Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM Proventia+ Management SiteProtectorTM system is a security management system that provides centralized command and control, analysis, reporting and workflow for all ISS IBM Protection devices and select third-party security solutions including network IPS, Network Multi-Function, Server, Endpoint, Vulnerability Assessment, Application Assessment, and DLP. All of these IBM ISS security components have a common update and policy management system as well. The SiteProtector system provides an in-depth security event analysis capability that is specific to the needs of security analysts." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1889", "Certificate Number": "1889", "Vendor Name": "Stanley Security Solutions, Inc.", "Module Name": "Wi-Q OMW (OW2000) [1], WAC (SDC2K) [2], WDC [3] and WXC [4] Controllers", "Module Type": "Hardware", "Validation Date": "02/13/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1889.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1889", "detail_available": true, "module_name": "Wi-Q OMW (OW2000) [1], WAC (SDC2K) [2], WDC [3] and WXC [4] Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode.", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Stanley Wi-Q Controller Cryptographic Module is a wireless end point device that communicates via proprietary 802.15.4 protocol to a Stanley Wi-Q Portal Gateway module. The Stanley Wi-Q Controller provides secure key entry and data encryption functions within the Stanley Wi-Q Wireless Access Control System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1888", "Certificate Number": "1888", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet 1552E Outdoor Access Point", "Module Type": "Hardware", "Validation Date": "02/11/201303/28/201305/03/201305/16/201307/12/201302/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1888.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1888", "detail_available": true, "module_name": "Cisco Aironet 1552E Outdoor Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet 1552E Outdoor Access Point is the standard model, dual-radio system with dual-band radios that are compliant with IEEE 802.11a/n (5-GHz) and 802.11b/g/n standards (2.4 GHz). The 1552E has three external antenna connections for three dual-band antennas. It has Ethernet and fiber Smaill Form-Factor Pluggable (SFP) backhaul options, along with the option of a battery backup. This model also has a PoE-out port and can power a video surveillance camera." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1887", "Certificate Number": "1887", "Vendor Name": "Cambium Networks, Ltd.", "Module Name": "Cambium PTP 600 Series Point to Point Wireless Ethernet Bridges", "Module Type": "Hardware", "Validation Date": "02/08/201302/22/201306/14/201301/24/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1887.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1887", "detail_available": true, "module_name": "Cambium PTP 600 Series Point to Point Wireless Ethernet Bridges", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 600 Series of Point-to-Point wireless Ethernet bridges operates in the 2.5, 4.5, 4.8, 4.9, 5.4, 5.8 and 5.9 GHz spectrum, offering high performance Ethernet and TDM connectivity in line-of-sight and non-line-of-sight environments. PTP 600 links have class-leading sensitivity and power output, supporting data rates up to 300 Mbps and range up to 124 miles. This series of secure wireless bridges makes cost-effective connectivity and backhaul a reality for a wide range of enterprises, service providers, utilities, transportation agencies and public safety organizations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1886", "Certificate Number": "1886", "Vendor Name": "Comtech EF Data Corporation", "Module Name": "DMD2050E TRANSEC Module", "Module Type": "Hardware", "Validation Date": "02/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1886.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1886", "detail_available": true, "module_name": "DMD2050E TRANSEC Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Comtech EF Data FIPS Security Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via the DMD2050E Satellite Modem, as well as firmware to provide the cryptographic functions needed to act as an endpoint for TLS and SSH management, and control traffic.", "algorithms": [ "AES", "DES", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1885", "Certificate Number": "1885", "Vendor Name": "Curtiss-Wright Controls Defense Solutions", "Module Name": "3U VPX-1TB FSM Flash Storage Module", "Module Type": "Hardware", "Validation Date": "02/08/201305/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1885.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1885", "detail_available": true, "module_name": "3U VPX-1TB FSM Flash Storage Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Flash Storage Module (FSM) AES cryptographic engine uses 256-bit encryption keys and performs real-time encryption of all data written to or read from solid state drives. The FSM cryptographic engines provides maximum data-at-rest security in commercial and military applications.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1884", "Certificate Number": "1884", "Vendor Name": "Totemo AG", "Module Name": "Totemo Cryptographic Module (TCM)", "Module Type": "Software", "Validation Date": "02/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1884.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1884", "detail_available": true, "module_name": "Totemo Cryptographic Module (TCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Totemo Cryptographic Module supplies the cryptographic services required by the Totemo Security Platform (TSP) and the Totemo products which provides secure email, file transfer, and mobile messaging solutions. These solutions secure all types of communication without any infrastructure prerequisites.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1883", "Certificate Number": "1883", "Vendor Name": "SafeNet, Inc.", "Module Name": "eToken 5100, 5105, 5200 and 5205", "Module Type": "Hardware", "Validation Date": "02/08/201302/15/201309/12/201601/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1883.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1883", "detail_available": true, "module_name": "eToken 5100, 5105, 5200 and 5205", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "SafeNet eToken is a portable two-factor USB authenticator with advanced smart card technology. It utilizes certificate based technology to generate and store credentials, such as private keys, passwords and digital certificates inside the protected environment of the smart card chip. To authenticate, users must supply both their personal SafeNet authenticator and password, providing a critical second level of security beyond simple passwords to protect valuable digital business resources.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1882", "Certificate Number": "1882", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust IdentityGuard PIV Credential", "Module Type": "Hardware", "Validation Date": "02/08/201302/06/201405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1882.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1882", "detail_available": true, "module_name": "Entrust IdentityGuard PIV Credential", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with PIN policies configured as indicated in the Security Policy Section 9", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Entrust IdentityGuard PIV Credential is a cryptographic module intended for use by US Federal agencies and other markets that require smartcards conformant with the PIV standards. The module can also be configured for use in markets where the set of keys and data objects, or the access control rules governing their use, differ from the PIV data model.", "algorithms": [ "AES", "DES", "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1881", "Certificate Number": "1881", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine for MacOS X", "Module Type": "Software", "Validation Date": "02/04/201307/11/201606/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1881.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1881", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine for MacOS X", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureDoc® Disk Encryption Cryptographic Engine for MacOS X provides cryptographic services and key management for the SecureDoc® Disk Encryption products running on MacOS X platform. The module employs PKCS-11 cryptographic standard to deliver full disk and removable media encryption on Apple computers and laptops." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1880", "Certificate Number": "1880", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine for Windows", "Module Type": "Software", "Validation Date": "02/04/201307/25/201603/16/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1880.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1880", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine for Windows", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureDoc® Disk Encryption Cryptographic Engine for Windows provides cryptographic services and key management for the SecureDoc® Disk Encryption products running on Windows platform. The module employs PKCS-11 cryptographic standard to deliver full disk encryption and other data protection solutions for General Purpose Computers, laptops and removable media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1879", "Certificate Number": "1879", "Vendor Name": "TechGuard Security", "Module Name": "PoliWall-CCF M10 [1], M50 [2], G01 [3] and G10 [4] Series Security Appliance", "Module Type": "Hardware", "Validation Date": "02/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1879.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1879", "detail_available": true, "module_name": "PoliWall-CCF M10 [1], M50 [2], G01 [3] and G10 [4] Series Security Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TechGuard Security PoliWall is a network boundary device that rapidly determines the country of origin for all incoming packets using HIPPIE (High-speed Internet Protocol Packet Inspection Engine) technology. Packets are filtered according to defined policies, exception lists, and Pre-Compiled Exception Lists (PCEL) that are bound to rule groups for specific network addresses and protocols. PoliWall also provides administrators with the ability to create maps which exclude traffic from selected countries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1878", "Certificate Number": "1878", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "01/31/201303/28/201301/23/201404/03/201411/25/201402/20/201507/06/201504/12/201607/08/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1878.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1878", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1877", "Certificate Number": "1877", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Firewalls", "Module Type": "Hardware", "Validation Date": "01/30/201308/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1877.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1877", "detail_available": true, "module_name": "PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique idenification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1876", "Certificate Number": "1876", "Vendor Name": "Apricorn, Inc.", "Module Name": "Apricorn Aegis Secure Key", "Module Type": "Hardware", "Validation Date": "01/30/201303/08/201303/28/201306/16/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1876.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1876", "detail_available": true, "module_name": "Apricorn Aegis Secure Key", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Tamper evidence determined as indicated in the Security Policy, Physical Security Policy section", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Apricorn Aegis Secure Key is a self-authenticating and self-encrypting secure USB flash drive based on DATALOCK® technology. The Apricorn Aegis Secure Key uses full-disk hardware based AES 256 bit encryption in CBC mode. The unit is not dependent on any host software and drivers. By design it is OS/Host independent and agnostic to any operating system (Win, Mac, Linux, Chrome, Android, Symbian, etc.), computer, or embedded device that supports the standard mass storage class (USB/USB OTG)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1875", "Certificate Number": "1875", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509, and 6509-E Switches with Wireless Services Modules (WiSMs)", "Module Type": "Hardware", "Validation Date": "01/25/201302/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1875.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1875", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509, and 6509-E Switches with Wireless Services Modules (WiSMs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509, and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1874", "Certificate Number": "1874", "Vendor Name": "Ultra Stereo Labs, Inc.", "Module Name": "IMB-1000 HFR and IMB-1200 HFR Secure Media Blocks", "Module Type": "Hardware", "Validation Date": "01/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1874.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1874", "detail_available": true, "module_name": "IMB-1000 HFR and IMB-1200 HFR Secure Media Blocks", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Image Media Block is a type of Secure Processing Block that contains a Security Manager, Image, Audio and Subtitle Media Decryptors, Image decoder, Image and Audio Forensic Marking (FM) and optional Link Encoder. It is used for playback of encrypted movie content in commercial cinemas." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1873", "Certificate Number": "1873", "Vendor Name": "iStorage Limited", "Module Name": "datAshur Secure USB Flash Drive", "Module Type": "Hardware", "Validation Date": "01/08/201301/24/201303/28/201308/29/201406/16/201606/06/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1873.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1873", "detail_available": true, "module_name": "datAshur Secure USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Tamper evidence determined as indicated in the Security Policy, Physical Security Policy section", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iStorage datAshur is a self-authenticating and self-encrypting secure USB flash drive based on DATALOCK® technology licensed from ClevX, LLC. datAshur uses full-disk hardware based AES 256 Bit encryption in CBC mode. The unit is not dependent on any host software and drivers. By design it is OS/Host independent and agnostic to any operating system (Win, Mac, Linux, Chrome, Android, Symbian, etc.), computer, or embedded device that supports the standard mass storage class (USB/USB OTG). datAshur supports a single encrypted private partition available to the user when unlocked." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1872", "Certificate Number": "1872", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 4150F", "Module Type": "Hardware", "Validation Date": "01/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1872.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1872", "detail_available": true, "module_name": "McAfee Firewall Enterprise 4150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1871", "Certificate Number": "1871", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 2150F", "Module Type": "Hardware", "Validation Date": "01/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1871.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1871", "detail_available": true, "module_name": "McAfee Firewall Enterprise 2150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1870", "Certificate Number": "1870", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100F", "Module Type": "Hardware", "Validation Date": "01/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1870.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1870", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1869", "Certificate Number": "1869", "Vendor Name": "WatchGuard Technologies, Inc.", "Module Name": "XTM 21 [1], XTM 21-W [2], XTM 22 [3], XTM 22-W [4], XTM 23 [5], XTM 23-W [6], XTM 25 [7], XTM 25-W [8], XTM 26 [9], XTM 26-W [10], XTM 33 [11], XTM 33-W [12], XTM 330 [13], XTM 505 [14], XTM 510 [15], XTM 520 [16], XTM 530 [17], XTM 810 [18], XTM 820 [19], XTM 830 [20], XTM 830-F [21], XTM 1050 [22] and XTM 2050 [23]", "Module Type": "Hardware", "Validation Date": "12/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1869.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1869", "detail_available": true, "module_name": "XTM 21 [1], XTM 21-W [2], XTM 22 [3], XTM 22-W [4], XTM 23 [5], XTM 23-W [6], XTM 25 [7], XTM 25-W [8], XTM 26 [9], XTM 26-W [10], XTM 33 [11], XTM 33-W [12], XTM 330 [13], XTM 505 [14], XTM 510 [15], XTM 520 [16], XTM 530 [17], XTM 810 [18], XTM 820 [19], XTM 830 [20], XTM 830-F [21], XTM 1050 [22] and XTM 2050 [23]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "WatchGuard Fireware XTM extensible threat management appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1868", "Certificate Number": "1868", "Vendor Name": "Bomgar Corporation", "Module Name": "B200™, B300™ and B400™ Remote Support Appliances", "Module Type": "Hardware", "Validation Date": "01/15/201304/08/201410/31/201407/06/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1868.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1868", "detail_available": true, "module_name": "B200™, B300™ and B400™ Remote Support Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident labels and front bezels applied as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Bomgar Remote Support Appliances provide technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows collaborative remote support to various operating systems, including desktops, servers, mobile and network devices. In addition, Bomgar provides extensive auditing and recording of support sessions.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1867", "Certificate Number": "1867", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X3 Hardware Security Module (XHSM)", "Module Type": "Hardware", "Validation Date": "12/19/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1867.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1867", "detail_available": true, "module_name": "Cygnus X3 Hardware Security Module (XHSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 in order to support international digital indicia standards globally. The Cygnus X3 HSM Cryptographic Module employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1866", "Certificate Number": "1866", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3950B/3951B", "Module Type": "Hardware", "Validation Date": "12/19/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1866.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1866", "detail_available": true, "module_name": "FortiGate-3950B/3951B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1865", "Certificate Number": "1865", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 3000 [A], 6000/M3 Revision C4 [B] and Dell W-3000 [C], W-6000M3 [D] Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "12/18/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1865.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1865", "detail_available": true, "module_name": "Aruba 3000 [A], 6000/M3 Revision C4 [B] and Dell W-3000 [C], W-6000M3 [D] Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy clause \"Installing the Controller\" and the 6000/M3 configured as specified in Security Policy clause \"Minimum Configuration for the Aruba 6000-400\"", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1864", "Certificate Number": "1864", "Vendor Name": "Cambium Networks, Ltd.", "Module Name": "Cambium Networks PTP 800 Compact Modem Unit (CMU)", "Module Type": "Hardware", "Validation Date": "02/04/201302/22/201301/24/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1864.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1864", "detail_available": true, "module_name": "Cambium Networks PTP 800 Compact Modem Unit (CMU)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Operating in the 6 to 38 GHz RF bands at up to 368 Mbps throughput (full duplex) and with user-configured channel bandwidths from 7 to 56 MHz, the Cambium Networks Point-to-Point 800 Series of Licensed Ethernet Microwave solutions offer operators a highly reliable licensed band wireless solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1863", "Certificate Number": "1863", "Vendor Name": "Kaseya US Sales, LLC", "Module Name": "Virtual System Administrator Cryptographic Module", "Module Type": "Software", "Validation Date": "12/13/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1863.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1863", "detail_available": true, "module_name": "Virtual System Administrator Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kaseya Virtual System Administrator provides an IT automation framework allowing IT managers to proactively monitor, manage, maintain, and protect distributed IT resources using a single, integrated web-based interface. The services offered by Kaseya Virtual System Administrator are ever-broadening; as IT management services needs increase, so do the tools and services provided by the framework.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1862", "Certificate Number": "1862", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "01/07/201301/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1862.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1862", "detail_available": true, "module_name": "Seagate Secure® TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure« Enterprise Self-Encrypting Drives FIPS 140 Module is embodied in the Seagate Pulsar.2 SED model disk drive. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1861", "Certificate Number": "1861", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition for Samsung MFP SW Platform (VxWorks)", "Module Type": "Software", "Validation Date": "12/10/201202/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1861.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1861", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition for Samsung MFP SW Platform (VxWorks)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A software cryptographic library within the Vxworks real-time operating system specifically for embedded systems based on the ARM9 CPU architecture." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1860", "Certificate Number": "1860", "Vendor Name": "CMS Products", "Module Name": "CE Secure", "Module Type": "Hardware", "Validation Date": "01/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1860.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1860", "detail_available": true, "module_name": "CE Secure", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CE Secure CE-HDDFIPS is a Self Encrypting Drive used in CMS Products' line of external secure storage devices. All data on the secure storage device is protected with state of the art hardware encryption.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1859", "Certificate Number": "1859", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 Openswan Cryptographic Module", "Module Type": "Software", "Validation Date": "12/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1859.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1859", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 Openswan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9 of the provided Security Policy. This module contains the embedded Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758 operating in FIPS mode and the Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #1837 operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs are verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Red Hat Enterprise Linux 6.2 OpenSwan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1858", "Certificate Number": "1858", "Vendor Name": "Vidyo, Inc.", "Module Name": "Cryptographic Security Kernel", "Module Type": "Software", "Validation Date": "11/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1858.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1858", "detail_available": true, "module_name": "Cryptographic Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Vidyo Cryptographic Security Kernel is a subset of the VidyoTechnology Software Development Kit, which consists of a set of libraries providing video conferencing capabilities. The SDK allows licensed end-users to implement video conferencing capabilities within their own software applications; the Vidyo CSK library provides the cryptographic functions required to secure the communications.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1857", "Certificate Number": "1857", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 7000 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1857.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1857", "detail_available": true, "module_name": "Luna® PCI 7000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1856", "Certificate Number": "1856", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 7000 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/29/201212/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1856.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1856", "detail_available": true, "module_name": "Luna® PCI 7000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna PCI® offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI® HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "KDF", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1855", "Certificate Number": "1855", "Vendor Name": "Nexus Wireless", "Module Name": "Nexus FIPS 140-2 Crypto Module", "Module Type": "Hardware", "Validation Date": "01/18/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1855.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1855", "detail_available": true, "module_name": "Nexus FIPS 140-2 Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Nexus FIPS140-2 Crypto Module is a single-board security module designed to conform to FIPS140-2 standards and primarily intended for use in P25 radio equipment. The module supports both KFD and KMF management implementations, including a dedicated 3-wire KFD interface. It includes a complete key storage and critical security material management function for TEK, KEK, UKEK, CKEK and KSKEK keys in non-volatile memory within the FIPS module, with protection from unauthorized disclosure or modification. The FIPS Module executes encryption and decryption of P25 Phase 1 voice and data tra" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1854", "Certificate Number": "1854", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1854.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1854", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1853", "Certificate Number": "1853", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4402 and 4404 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "11/29/201202/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1853.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1853", "detail_available": true, "module_name": "Cisco 4402 and 4404 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 4400 Series WLAN Controllers deliver centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WLAN Controllers support the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and support a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The Cisco WLAN Controllers support voice, video and data services along with Cisco Clean Air technology, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1852", "Certificate Number": "1852", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiWiFi-60C", "Module Type": "Hardware", "Validation Date": "11/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1852.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1852", "detail_available": true, "module_name": "FortiWiFi-60C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1851", "Certificate Number": "1851", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Control Center", "Module Type": "Hardware", "Validation Date": "11/29/201212/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1851.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1851", "detail_available": true, "module_name": "McAfee Firewall Enterprise Control Center", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise Control Center simplifies the management of multiple McAfee Firewall Enterprise appliances. Control Center enables centralized management and monitoring of the McAfee Firewall Enterprise solutions, allowing network administrators to centrally define firewall policy, deploy updates and inventory their firewall products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1850", "Certificate Number": "1850", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "11/29/201201/24/201306/24/201307/23/201502/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1850.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1850", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA, The Security Division of EMC's cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1849", "Certificate Number": "1849", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-60 and AP-61 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "12/06/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1849.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1849", "detail_available": true, "module_name": "Aruba AP-60 and AP-61 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1848", "Certificate Number": "1848", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 4150E", "Module Type": "Hardware", "Validation Date": "12/19/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1848.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1848", "detail_available": true, "module_name": "McAfee Firewall Enterprise 4150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1847", "Certificate Number": "1847", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 2150E", "Module Type": "Hardware", "Validation Date": "12/19/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1847.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1847", "detail_available": true, "module_name": "McAfee Firewall Enterprise 2150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1846", "Certificate Number": "1846", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100E", "Module Type": "Hardware", "Validation Date": "12/19/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1846.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1846", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1845", "Certificate Number": "1845", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-65, AP-70 and AP-85 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "11/29/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1845.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1845", "detail_available": true, "module_name": "Aruba AP-65, AP-70 and AP-85 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1843", "Certificate Number": "1843", "Vendor Name": "Gemalto", "Module Name": "Protiva+ PIV v2.0 using TOP DL v2 and TOP IL v2", "Module Type": "Hardware", "Validation Date": "11/29/201202/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1843.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1843", "detail_available": true, "module_name": "Protiva+ PIV v2.0 using TOP DL v2 and TOP IL v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module TOP DL v2 or TOP IL v2 validated to FIPS 140-2 under Cert. #1450 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory and the Protiva PIV Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1842", "Certificate Number": "1842", "Vendor Name": "Dell Software, Inc.", "Module Name": "SRA EX6000 and SRA EX7000", "Module Type": "Hardware", "Validation Date": "11/29/201204/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1842.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1842", "detail_available": true, "module_name": "SRA EX6000 and SRA EX7000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Built on Aventail's powerful, proven SSL VPN platform, the Dell SonicWALL Aventail SRA EX6000 and SRA EX7000 appliances provide granular access control for any type of remote access by first detecting the identity and the security of the end point, protecting applications with granular policy based on who the user is and the trust established for the end point used for access, and then connecting authorized employees and business partners effortlessly from a broad range of cross-platform devices only to authorized resources." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1841", "Certificate Number": "1841", "Vendor Name": "InZero Systems", "Module Name": "InZero Gateway", "Module Type": "Hardware", "Validation Date": "11/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1841.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1841", "detail_available": true, "module_name": "InZero Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The InZero Gateway is a pocket-sized appliance that provides FIPS-validated VPNs and endpoint security for a Windows PC. The module's hardware sandbox ensures safe browsing (e.g., opening downloaded files) and safe internet banking. A conversion engine strips malware from e-mail attachments. The firewall helps enforce NAC policy. The module may be managed locally by the Crypto Officer or by a network administrator using a Management Console. The HTTPS management connection and VPNs use FIPS validated encryption, while sandbox HTTPS connections are non-FIPS for compatibility." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1840", "Certificate Number": "1840", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 3000 [1] and 6000/M3 Revision B2 [2] Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "02/11/201303/08/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1840.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1840", "detail_available": true, "module_name": "Aruba 3000 [1] and 6000/M3 Revision B2 [2] Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy clause \"Installing the Controller\" and the 6000/M3 configured as specified in Security Policy clause \"Minimum Configuration for the Aruba 6000-400\"", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1839", "Certificate Number": "1839", "Vendor Name": "Entrust Datacard Corporation", "Module Name": "Entrust Authority™ Security Toolkit for the Java® Platform", "Module Type": "Software", "Validation Date": "11/29/201205/28/201401/08/201606/12/201803/19/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1839.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1839", "detail_available": true, "module_name": "Entrust Authority™ Security Toolkit for the Java® Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Entrust Authority™ Security Toolkit for the Java® Platform enables custom applications to be built using a rich set of APIs that provide encryption, digital signature, and certificate authentication capabilities, as well as the ability to manage the full lifecycles of digital certificate-based identities through integration with the Entrust Authority PKI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1838", "Certificate Number": "1838", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-92, AP-93, AP-104, AP-105, AP-175, Dell W-AP92, W-AP93, W-AP104, W-AP105 and W-AP175 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "11/08/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1838.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1838", "detail_available": true, "module_name": "Aruba AP-92, AP-93, AP-104, AP-105, AP-175, Dell W-AP92, W-AP93, W-AP104, W-AP105 and W-AP175 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1837", "Certificate Number": "1837", "Vendor Name": "Red Hat®, Inc.", "Module Name": "NSS Cryptographic Module", "Module Type": "Software", "Validation Date": "11/08/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1837.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1837", "detail_available": true, "module_name": "NSS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed, and initialized as specified in Section 5 of the provided Security Policy. Section 5 also specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/ ." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1836", "Certificate Number": "1836", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition for MFP SW Platform (pSOS)", "Module Type": "Software", "Validation Date": "11/08/201202/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1836.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1836", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition for MFP SW Platform (pSOS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A software cryptographic library within the pSOS real-time operating system specifically for embedded systems based on the ARM9 CPU architecture." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1835", "Certificate Number": "1835", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "11/08/201210/18/201301/11/201703/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1835.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1835", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1834", "Certificate Number": "1834", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200B [1], FortiGate-310B [2] and FortiGate-620B [3]", "Module Type": "Hardware", "Validation Date": "11/08/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1834.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1834", "detail_available": true, "module_name": "FortiGate-200B [1], FortiGate-310B [2] and FortiGate-620B [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1833", "Certificate Number": "1833", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Fusion 802.1x Authentication Supplicant", "Module Type": "Software", "Validation Date": "01/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1833.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1833", "detail_available": true, "module_name": "Fusion 802.1x Authentication Supplicant", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Motorola Fusion 802.1x Authentication Supplicant is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1832", "Certificate Number": "1832", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-60C [1], FortiGate-110C [2] and FortiGate-111C [3]", "Module Type": "Hardware", "Validation Date": "11/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1832.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1832", "detail_available": true, "module_name": "FortiGate-60C [1], FortiGate-110C [2] and FortiGate-111C [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1831", "Certificate Number": "1831", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "KMF CryptR", "Module Type": "Hardware", "Validation Date": "11/05/201212/07/201209/12/201401/30/201704/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1831.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1831", "detail_available": true, "module_name": "KMF CryptR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KMF CryptR provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola's Key Management Facility (KMF). The KMF and KMF CryptR combine to provide these cryptographic services for Motorola's APCO-25 compliant Astro radio systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1830", "Certificate Number": "1830", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5140 Chassis with FortiGate 5000 Series Blades", "Module Type": "Hardware", "Validation Date": "11/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1830.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1830", "detail_available": true, "module_name": "FortiGate-5140 Chassis with FortiGate 5000 Series Blades", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1829", "Certificate Number": "1829", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5508 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "11/05/201205/16/201307/12/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1829.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1829", "detail_available": true, "module_name": "Cisco 5508 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 5508 Series WLAN Controllers deliver centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WLAN Controllers support the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and support a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The Cisco WLAN Controllers support voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1828", "Certificate Number": "1828", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-134, AP-135 and Dell W-AP134, W-AP135 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "11/05/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1828.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1828", "detail_available": true, "module_name": "Aruba AP-134, AP-135 and Dell W-AP134, W-AP135 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1827", "Certificate Number": "1827", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Scanner Cryptographic Module", "Module Type": "Software", "Validation Date": "11/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1827.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1827", "detail_available": true, "module_name": "Symantec Scanner Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Scanner Cryptographic Module Version 1.0 provides cryptographic services to the Scanner component of the Symantec Messaging Gateway solution, a secure email gateway offering. The Scanner provides filtering services on inbound and outbound message flows and is responsible for taking actions on emails based on filtering verdicts.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1826", "Certificate Number": "1826", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive", "Module Type": "Hardware", "Validation Date": "11/05/201206/14/201305/20/201409/25/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1826.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1826", "detail_available": true, "module_name": "Seagate Secure® TCG Opal SSC Self-Encrypting Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® TCG Opal SSC Self-Encrypting Drive is embedded in Seagate Momentus® Thin Self-Encrypting Drives (SEDs). The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1825", "Certificate Number": "1825", "Vendor Name": "TIBCO LogLogic®, Inc.", "Module Name": "LogLogic Communications Cryptographic Module", "Module Type": "Software", "Validation Date": "01/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1825.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1825", "detail_available": true, "module_name": "LogLogic Communications Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogLogic Communications Cryptographic Module establishes a secure, encrypted tunnel between LogLogic products for the secure transmission of log data.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1824", "Certificate Number": "1824", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Telepresence C20 Codec", "Module Type": "Hardware", "Validation Date": "11/14/201211/21/201212/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1824.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1824", "detail_available": true, "module_name": "Cisco Telepresence C20 Codec", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1823", "Certificate Number": "1823", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Telepresence C40, C60, and C90 Codecs", "Module Type": "Hardware", "Validation Date": "11/05/201211/21/201212/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1823.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1823", "detail_available": true, "module_name": "Cisco Telepresence C40, C60, and C90 Codecs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1822", "Certificate Number": "1822", "Vendor Name": "Data-Pac Mailing Systems Corp.", "Module Name": "iButton Postal Security Device", "Module Type": "Hardware", "Validation Date": "11/01/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1822.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1822", "detail_available": true, "module_name": "iButton Postal Security Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Data-Pac MAXQ1959B-F50# Postal Security Device (PSD) is an embedded cryptographic module used for postage evidencing. The PSD complies with FIPS 140-2 standards and postal requirements to support the USPS IBI program, including strong cryptographic and physical security for the protection of postal funds." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1821", "Certificate Number": "1821", "Vendor Name": "Integral Memory PLC.", "Module Name": "Crypto Dual (Underlying Steel Chassis) [1] and Crypto Dual Plus (Underlying Steel Chassis) [2]", "Module Type": "Hardware", "Validation Date": "11/01/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1821.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1821", "detail_available": true, "module_name": "Crypto Dual (Underlying Steel Chassis) [1] and Crypto Dual Plus (Underlying Steel Chassis) [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Crypto Dual (Underlying Steel Chassis) and Crypto Dual Plus (Underlying Steel Chassis) features Dual Password (User and Master) and works in both Windows & Mac operating Systems. Featuring Premium 256 bit AES security, it is one of the most secure and durable of all Integral USB Flash Drives. It has brute-force password attack protection, a 26 language interface and operates with a zero footprint." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1820", "Certificate Number": "1820", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-120 Series and Dell W-AP120 Series Wireless Access Points", "Module Type": "Hardware", "Validation Date": "12/05/201201/24/201311/14/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1820.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1820", "detail_available": true, "module_name": "Aruba AP-120 Series and Dell W-AP120 Series Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's Wi-Fi access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Mobility Controllers, where per-user role based access controls are applied through an integrated firewall. In FIPS 140-2 Mode, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1819", "Certificate Number": "1819", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Control Center Cryptographic Module", "Module Type": "Software", "Validation Date": "10/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1819.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1819", "detail_available": true, "module_name": "Symantec Control Center Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with RSA BSAFE® Crypto-J JCE Provider Module validated to FIPS 140-2 under Cert. #1048 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1818", "Certificate Number": "1818", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco EX60 and EX90 TelePresence Systems", "Module Type": "Hardware", "Validation Date": "10/11/201211/21/201212/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1818.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1818", "detail_available": true, "module_name": "Cisco EX60 and EX90 TelePresence Systems", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1817", "Certificate Number": "1817", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm 6.0.4 or 6.3.4 Event Manager", "Module Type": "Software", "Validation Date": "10/11/201205/18/201505/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1817.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1817", "detail_available": true, "module_name": "LogRhythm 6.0.4 or 6.3.4 Event Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2 under Cert. #1336 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm 6.0.4 Event Manager cryptographic module provides cryptographic services to an Event Manager. In particular, these services support secure communication with supporting SQL Server databases.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1816", "Certificate Number": "1816", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey S250/D250", "Module Type": "Hardware", "Validation Date": "10/11/201201/04/201303/08/201605/26/201605/26/201605/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1816.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1816", "detail_available": true, "module_name": "IronKey S250/D250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey S250/D250 Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA, and DRBG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1815", "Certificate Number": "1815", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba RAP-5WN and Dell W-RAP-5WN Remote Access Points", "Module Type": "Hardware", "Validation Date": "10/11/201207/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1815.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1815", "detail_available": true, "module_name": "Aruba RAP-5WN and Dell W-RAP-5WN Remote Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's RAP-5WN access point aggregates wired and wireless user traffic and forwards it to an Aruba Mobility Controller through a secure IPsec tunnel, using the public Internet or an optional 3G/4G WWAN service for backhaul. In the FIPS 140-2 mode of operation, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i/WPA2 standard along with optional Suite B cryptography for high-assurance applications. Aruba APs also provide wireless intrusion detection/prevention services, support wireless mesh topologies, and have Wi-Fi Alliance certification for IEEE 802.11a/b/g/n." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1814", "Certificate Number": "1814", "Vendor Name": "Websense, Inc.", "Module Name": "Crypto Module C", "Module Type": "Software", "Validation Date": "10/11/201201/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1814.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1814", "detail_available": true, "module_name": "Crypto Module C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Websense produces a family of web, e-mail and data security solutions that can be deployed on pre-configured, security hardened hardware or as customer installable software. The Websense Crypto Module C provides support for cryptographic and secure communications services for these solutions.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1813", "Certificate Number": "1813", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Junos-FIPS 10.4 L2 OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "10/11/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1813.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1813", "detail_available": true, "module_name": "Junos-FIPS 10.4 L2 OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated only on the specific platforms specified on the reverse. The routing engine and chassis configured with tamper evident seals installed as indicated in the Security Policy.", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "Juniper Networks M, T and MX series routing platforms are complete routing systems that support a variety of high-speed interfaces for medium/large networks and network applications and numerous routing standards. All platforms are physically self-contained, housing software, firmware, and hardware necessary for routing. The router architecture provides for streamlined forwarding and routing control and the capability to run Internet-scale networks at high speeds. They are powered by the same JUNOS software, which provides both management and control functions as well as all IP routing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1812", "Certificate Number": "1812", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise Control Center Virtual Appliance", "Module Type": "Software", "Validation Date": "10/11/201210/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1812.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1812", "detail_available": true, "module_name": "McAfee Firewall Enterprise Control Center Virtual Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise Control Center simplifies the management of multiple McAfee Firewall Enterprise appliances. Control Center enables centralized management and monitoring of the McAfee Firewall Enterprise solutions, allowing network administrators to centrally define firewall policy, deploy updates and inventory their firewall products.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1811", "Certificate Number": "1811", "Vendor Name": "IMS Health Inc.", "Module Name": "Diversinet Java Crypto Module", "Module Type": "Software", "Validation Date": "10/11/201202/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1811.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1811", "detail_available": true, "module_name": "Diversinet Java Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Diversinet Java SE Crypto Module is a JCA (Java Cryptography Architecture) Provider shipped with Diversinet MobiSecure Products. The Crypto Module implements several JCE (Java Cryptography Extension) algorithms including Triple DES, AES, SHA, HMAC and RSA. The Crypto Module is packaged in a signed Java Archive (JAR) file.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1810", "Certificate Number": "1810", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1240B [1] and FortiGate-3140B [2]", "Module Type": "Hardware", "Validation Date": "10/11/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1810.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1810", "detail_available": true, "module_name": "FortiGate-1240B [1] and FortiGate-3140B [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1809", "Certificate Number": "1809", "Vendor Name": "Systematic Development Group, LLC", "Module Name": "LOK‐IT® 10 KEY (Series SDG003FM/SDG005M)", "Module Type": "Hardware", "Validation Date": "10/02/201201/22/201307/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1809.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1809", "detail_available": true, "module_name": "LOK‐IT® 10 KEY (Series SDG003FM/SDG005M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "This module is a multi-chip standalone cryptographic module, as defined by FIPS 140-2 and consists of an Initio 1861 USB controller, NAND Flash memory and a Microchip PIC16LF1825 security controller. All components are encased in hard, opaque, production grade integrated circuit packaging. The cryptographic boundary is defined as the boundary of the module's PCB and hard epoxy coating. The module uses a NDRNG as input to a Hash_DRBG algorithm specified in NIST special publication SP800-90 to generate a random 256 bit encryption key. The AES key has 256 bits of entropy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1808", "Certificate Number": "1808", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm 6.0.4 or 6.3.4 Log Manager", "Module Type": "Software", "Validation Date": "10/02/201205/18/201505/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1808.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1808", "detail_available": true, "module_name": "LogRhythm 6.0.4 or 6.3.4 Log Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2 under Cert. #1336 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm 6.0.4 Log Manager cryptographic module provides cryptographic services to a Log Manager. In particular, these services support secure communication with other LogRhythm components (System Monitor Agents and AI Engine Servers) and SQL Server databases.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1807", "Certificate Number": "1807", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm 6.0.4 or 6.3.4 Console", "Module Type": "Software", "Validation Date": "10/02/201205/18/201505/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1807.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1807", "detail_available": true, "module_name": "LogRhythm 6.0.4 or 6.3.4 Console", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2 under Cert. #1336 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm 6.0.4 Console cryptographic module provides cryptographic services to a Console. In particular, these services support secure communication with SQL Server databases in a LogRhythm deployment.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1806", "Certificate Number": "1806", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent", "Module Type": "Software", "Validation Date": "10/02/201205/18/201505/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1806.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1806", "detail_available": true, "module_name": "LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2 under Cert. #1336 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm 6.0.4 Windows System Monitor Agent cryptographic module provides cryptographic services to a Windows System Monitor Agent. In particular, these services support secure communication with a LogRhythm Log Manager component.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1805", "Certificate Number": "1805", "Vendor Name": "LogRhythm", "Module Name": "LogRhythm 6.0.4 or 6.3.4 AI Engine Server", "Module Type": "Software", "Validation Date": "10/02/201205/18/201505/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1805.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1805", "detail_available": true, "module_name": "LogRhythm 6.0.4 or 6.3.4 AI Engine Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2 under Cert. #1336 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The LogRhythm 6.0.4 AI Engine Server cryptographic module provides cryptographic services to an AI Engine Server. In particular, these services support secure communication with LogRhythm Log Managers and Event Manager SQL Server databases.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1804", "Certificate Number": "1804", "Vendor Name": "IMS Health Inc.", "Module Name": "Diversinet Java Crypto Module for Mobile", "Module Type": "Software", "Validation Date": "10/03/201202/20/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1804.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1804", "detail_available": true, "module_name": "Diversinet Java Crypto Module for Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Diversinet Java ME Crypto Module is shipped with Diversinet MobiSecure Client SDK for Java based run-time environments on Smartphones and tablets including, Android OS-, BlackBerry OS- and Java ME MIDP-based. The Crypto Module implements several cryptography algorithms including Triple DES, AES, SHA, HMAC and RSA.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1803", "Certificate Number": "1803", "Vendor Name": "Websense, Inc.", "Module Name": "Crypto Module Java", "Module Type": "Software", "Validation Date": "09/25/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1803.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1803", "detail_available": true, "module_name": "Crypto Module Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Websense Crypto Module Java provides cryptographic and secure communication services for the Websense-developed family of web security, email security, and data loss prevention solutions, deployed on high-performance, pre-configured hardware or as fully-customizable \"ready-to-install\" software.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1802", "Certificate Number": "1802", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "VDX 6710, VDX 6720 and VDX 6730 with Network OS (NOS) v2.1.0 Firmware", "Module Type": "Hardware", "Validation Date": "09/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1802.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1802", "detail_available": true, "module_name": "VDX 6710, VDX 6720 and VDX 6730 with Network OS (NOS) v2.1.0 Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The VDX 6710, VDX 6720 and VDX 6730 are multiple-chip standalone cryptographic modules. The module is a Gigabit Ethernet routing switch that provides secure network services and network management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1801", "Certificate Number": "1801", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "µMACE", "Module Type": "Hardware", "Validation Date": "09/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1801.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1801", "detail_available": true, "module_name": "µMACE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The µMACE cryptographic processor is used in security modules embedded in Motorola Solutions security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1800", "Certificate Number": "1800", "Vendor Name": "SafeNet, Inc.", "Module Name": "eToken 4300", "Module Type": "Hardware", "Validation Date": "12/06/201202/06/201401/10/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1800.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1800", "detail_available": true, "module_name": "eToken 4300", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "eToken 4300 is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. eToken 4300 is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 2. eToken 4300 supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. eToken 4300 exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1799", "Certificate Number": "1799", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CEP100, CEP100 VSE, CEP100-XSA, CEP1000, CEP1000-DP and CEP1000 VSE", "Module Type": "Hardware", "Validation Date": "09/04/201203/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1799.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1799", "detail_available": true, "module_name": "CEP100, CEP100 VSE, CEP100-XSA, CEP1000, CEP1000-DP and CEP1000 VSE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Certes Networks CEP VSE encryptors are a family of high performance network encryption appliances that offer line rate multi-layer encryption at speeds from 10 Mbps up to 10 Gbps for Ethernet, IP, and MPLS networks. The CEP VSE family can be centrally managed with the simple drag-and-drop interface of Certes TrustNet Manager. TrustNet Manager provides centralized policy and key management, logging and auditing for the entire network. The CEP100 VSE and CEP1000 VSE provide data confidentiality, data integrity and data authentication for network traffic at bit rates from 75 Mbps to 1 Gbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1798", "Certificate Number": "1798", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CEP10-R, CEP10 VSE and CEP10-C", "Module Type": "Hardware", "Validation Date": "09/06/201203/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1798.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1798", "detail_available": true, "module_name": "CEP10-R, CEP10 VSE and CEP10-C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Certes Networks CEP VSE encryptors are a family of high performance network encryption appliances that offer full line rate multi-layer encryption at speeds from 10 Mbps up to 10 Gbps for Ethernet, IP, and MPLS networks. The CEP VSE family can be centrally managed with the simple drag-and-drop interface of Certes TrustNet Manager. TrustNet Manager provides centralized policy and key management, logging and auditing for the entire network. The CEP10 VSE provides data confidentiality, data integrity and data authentication for network traffic at bit rates from 3 Mbps to 50 Mbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1797", "Certificate Number": "1797", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CEP10G VSE", "Module Type": "Hardware", "Validation Date": "09/04/201203/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1797.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1797", "detail_available": true, "module_name": "CEP10G VSE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Certes Networks CEP VSE encryptors are a family of high performance network encryption appliances that offer full line rate multi-layer encryption at speeds from 10 Mbps up to 10 Gbps for Ethernet, IP, and MPLS networks. The CEP VSE family can be centrally managed with the simple drag-and-drop interface of Certes TrustNet Manager. TrustNet Manager provides centralized policy and key management, logging and auditing for the entire network. The CEP10G VSE provides data confidentiality, data integrity and data authentication for network traffic at bit rates from 500 Mbps to 10 Gbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1796", "Certificate Number": "1796", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones; 6510 FC Switch; and 7800 Extension Switch", "Module Type": "Hardware", "Validation Date": "08/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1796.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1796", "detail_available": true, "module_name": "Brocade DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones; 6510 FC Switch; and 7800 Extension Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels are installed on the initially built configurations as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade« DCX, DCX 8510-8, DCX-4S and DCX 8510-4 Backbones and the 6510 Switch provide a reliable, scalable Fibre Channel switching infrastructure with market-leading 16 Gbps technology and capabilities that support demanding, enterprise-class private cloud storage and highly virtualized environments. The Brocade 7800 Extension Switch provides fast, reliable WAN/MAN connectivity for remote data replication, backup, and migration with Fibre Channel and advanced Fibre Channel over IP (FCIP) technology.", "algorithms": [ "AES", "DES", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1795", "Certificate Number": "1795", "Vendor Name": "Giesecke+Devrient Mobile Security America Inc.", "Module Name": "Sm@rtCafé Expert 6.0 FIPS", "Module Type": "Hardware", "Validation Date": "08/31/201207/14/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1795.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1795", "detail_available": true, "module_name": "Sm@rtCafé Expert 6.0 FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert 6.0 is a Java Card 3 and Global Platform v2.1.1 compliant smart card module supporting both contact and contactless interfaces. It also supports, at a minimum, RSA up to 2048 bits(RSA and RSA-CRT) with on-card key generation, Hash algorithms(including SHA256), AES(up to 256 bits), ECDSA, and Triple-DES. The Sm@rtCafé Expert 6.0 is suitable for government and corporate identification, payment and banking, health care, and Web applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1794", "Certificate Number": "1794", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Secure Generic Sub-System (SGSS), Version 3.5 [1] and 3.6 [2]", "Module Type": "Hardware", "Validation Date": "08/28/201209/27/201212/10/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1794.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1794", "detail_available": true, "module_name": "Secure Generic Sub-System (SGSS), Version 3.5 [1] and 3.6 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure cryptographic resources to a number of products in the Thales e-Security portfolio. This includes the Datacryptor® 2000, Datacryptor® Advanced Performance and Small Form Factor family (Link, Frame Relay, E1/T1, E3/T3, and IP models). The SGSS contains a secure bootstrap and authenticates application loading using the Digital Signature Algorithm (ECDSA) and SHA-384 hashing. This is a revalidation of the SGSS certified under FIPS Certificate #836, and does not affect the previous FIPS validation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1793", "Certificate Number": "1793", "Vendor Name": "HID Global", "Module Name": "HID Global Digital Identity Applet v2 on NXP JCOP 2.4.2", "Module Type": "Hardware", "Validation Date": "08/28/201202/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1793.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1793", "detail_available": true, "module_name": "HID Global Digital Identity Applet v2 on NXP JCOP 2.4.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This version of the product can be used over contact and contactless interface (with some restrictions) and can be configured for use with HID Global JavaCard Applet Suite v2.7.1 for support of GSC-IS v2.1, NIST SP800-73-3 Transitional and End-Point Card Edge (for HSPD-12/PIV). The product allows issuance and post-issuance support for PIV End Point Card Edge and Data Model.", "algorithms": [ "AES", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1792", "Certificate Number": "1792", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 OpenSSH Server Cryptographic Module", "Module Type": "Software", "Validation Date": "08/24/201210/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1792.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1792", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 OpenSSH Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758 operating in FIPS mode. When obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 6.2. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1791", "Certificate Number": "1791", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "08/24/201210/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1791.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1791", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758 operating in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and as specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 6.2. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1790", "Certificate Number": "1790", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "PrivateServer", "Module Type": "Hardware", "Validation Date": "11/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1790.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1790", "detail_available": true, "module_name": "PrivateServer", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The PrivateServer is a high-performance cryptographic service provider. PrivateServer performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, Triple-DES MAC, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capability." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1789", "Certificate Number": "1789", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "Module Type": "Hardware", "Validation Date": "08/22/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1789.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1789", "detail_available": true, "module_name": "McAfee Firewall Enterprise S1104, S2008, S3008, S4016, S5032 and S6032", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1788", "Certificate Number": "1788", "Vendor Name": "Q1 Labs", "Module Name": "Cryptographic Security Kernel", "Module Type": "Software", "Validation Date": "08/22/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1788.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1788", "detail_available": true, "module_name": "Cryptographic Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Q1 Labs Cryptographic Security Kernel is multi-algorithm library providing general-purpose cryptographic services. The purpose of the module is to provide a single API for cryptographic functionality that can provide centralized control over FIPS-Approved mode status, provide availability of only FIPS-Approved algorithms or vendor-affirmed implementations of non FIPS-Approved algorithms, and provide for centralized logging and reporting of the cryptographic engine.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1787", "Certificate Number": "1787", "Vendor Name": "GDC Technology (USA), LLC", "Module Name": "IMB", "Module Type": "Hardware", "Validation Date": "08/22/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1787.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1787", "detail_available": true, "module_name": "IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "A digital cinema media block designed to be compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1786", "Certificate Number": "1786", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "08/24/201201/24/201302/12/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1786.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1786", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1785", "Certificate Number": "1785", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "08/24/201201/24/201302/12/201605/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1785.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1785", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1784", "Certificate Number": "1784", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP Networking 5400 zl [1,2] and 8200 zl [3,4] Switch Series", "Module Type": "Hardware", "Validation Date": "08/15/201212/13/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1784.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1784", "detail_available": true, "module_name": "HP Networking 5400 zl [1,2] and 8200 zl [3,4] Switch Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP 5400 Switch series consists of Layer 2/3/4 switches which support integrated advanced capabilities in chassis (6-slot and 12-slot) form factor and offer maximum flexibility, life time warranty and lowered TCO. The HP 8200 zl Switch Series offers high performance, scalability, and a wide range of features in a high-availability platform that dramatically reduces complexity and provides reduced cost of ownership.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1783", "Certificate Number": "1783", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/08/201203/19/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1783.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1783", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "*" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1782", "Certificate Number": "1782", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Internal Express (PSI-e)", "Module Type": "Hardware", "Validation Date": "08/07/201211/05/201210/16/201401/27/201607/07/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1782.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1782", "detail_available": true, "module_name": "ProtectServer Internal Express (PSI-e)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet PSI-e is a high-end intelligent PCI adapter card, used either standalone or in the SafeNet PSE appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-e also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1781", "Certificate Number": "1781", "Vendor Name": "Valid S/A", "Module Name": "IDflex V", "Module Type": "Hardware", "Validation Date": "08/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1781.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1781", "detail_available": true, "module_name": "IDflex V", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDflex V is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDflex V is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDflex V supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDflex V exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1780", "Certificate Number": "1780", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/07/201209/26/201207/10/201303/21/201406/18/201407/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1780.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1780", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1779", "Certificate Number": "1779", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/07/201209/26/201207/10/201303/21/201406/18/201407/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1779.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1779", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1778", "Certificate Number": "1778", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/07/201204/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1778.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1778", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1777", "Certificate Number": "1777", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Thales e-Security keyAuthority®", "Module Type": "Hardware", "Validation Date": "08/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1777.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1777", "detail_available": true, "module_name": "Thales e-Security keyAuthority®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "This module contains the embedded module IBM Java JCE FIPS 140-2 Cryptographic Module validated to FIPS 140-2 under Cert. #1081 operating in FIPS mode using IBM JVM 1.6", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Thales keyAuthority® is a standards-based, FIPS-validated key management appliance that enables organizations to confidently manage encryption for multiple types of encrypting endpoints. The appliance manages encryption keys throughout their lifecycle to meet security policy and regulatory compliance requirements. A vendor-neutral approach ensures broad support for encryption devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1776", "Certificate Number": "1776", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® CA4", "Module Type": "Hardware", "Validation Date": "08/01/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1776.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1776", "detail_available": true, "module_name": "Luna® CA4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna CA4 cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1775", "Certificate Number": "1775", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCM Key Export (KE) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/01/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1775.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1775", "detail_available": true, "module_name": "Luna® PCM Key Export (KE) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna PCM cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services. Access to key material and cryptographic services for users and user application software is provided indirectly through the host appliance.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1774", "Certificate Number": "1774", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCM", "Module Type": "Hardware", "Validation Date": "08/01/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1774.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1774", "detail_available": true, "module_name": "Luna® PCM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna PCM cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services. Access to key material and cryptographic services for users and user application software is provided indirectly through the host appliance.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1773", "Certificate Number": "1773", "Vendor Name": "Ciena® Corporation", "Module Name": "565 Advanced Services Platform [1], 5100 Advanced Services Platform [2] and 5200 Advanced Services Platform [3]", "Module Type": "Hardware", "Validation Date": "08/01/201202/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1773.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1773", "detail_available": true, "module_name": "565 Advanced Services Platform [1], 5100 Advanced Services Platform [2] and 5200 Advanced Services Platform [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 565/5100/5200 Advanced Services Platform offers an integrated transport encryption solution providing an ultra-low latency and protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1772", "Certificate Number": "1772", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Junos-FIPS 10.4 L1 OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "07/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1772.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1772", "detail_available": true, "module_name": "Junos-FIPS 10.4 L1 OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "Juniper Networks M7i and M10i routing platforms are complete routing systems that support a variety of high-speed interfaces for medium/large networks and network applications and numerous routing standards. All platforms are physically self-contained, housing software, firmware, and hardware necessary for routing. The router architecture provides for streamlined forwarding and routing control and the capability to run Internet-scale networks at high speeds. They are powered by the same JUNOS software which provides both management and control functions as well as all IP routing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1771", "Certificate Number": "1771", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 510-5 [1], 510-10 [2], 510-20 [3], 510-25 [4], 810-5 [5], 810-10 [6], 810-20 [7] and 810-25 [8]", "Module Type": "Hardware", "Validation Date": "07/31/201208/07/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1771.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1771", "detail_available": true, "module_name": "ProxySG 510-5 [1], 510-10 [2], 510-20 [3], 510-25 [4], 810-5 [5], 810-10 [6], 810-20 [7] and 810-25 [8]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 510 and 810 are some of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1770", "Certificate Number": "1770", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 510-5 [1], 510-10 [2], 510-20 [3], 510-25 [4], 810-5 [5], 810-10 [6], 810-20 [7], 810-25 [8]", "Module Type": "Hardware", "Validation Date": "07/31/201208/07/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1770.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1770", "detail_available": true, "module_name": "ProxySG 510-5 [1], 510-10 [2], 510-20 [3], 510-25 [4], 810-5 [5], 810-10 [6], 810-20 [7], 810-25 [8]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 510 and 810 are some of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1769", "Certificate Number": "1769", "Vendor Name": "Hewlett-Packard Development Company, L.P.", "Module Name": "HP 5406 zl [1], HP 5412 zl [2], HP 8206 zl [3] and HP 8212 zl [4] Switches with the HP MSM765zl Mobility Controller", "Module Type": "Hardware", "Validation Date": "07/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1769.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1769", "detail_available": true, "module_name": "HP 5406 zl [1], HP 5412 zl [2], HP 8206 zl [3] and HP 8212 zl [4] Switches with the HP MSM765zl Mobility Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP 5400/8200 zl Switch Series with the HP MSM765zl Mobility Controller provide centralized management and control of intelligent HP MSM APs for a wide range of deployments, from small Internet cafes and businesses, to large corporations and institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1768", "Certificate Number": "1768", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 9000-10 [1], 9000-20 [2] and 9000-20B [3]", "Module Type": "Hardware", "Validation Date": "07/27/201208/07/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1768.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1768", "detail_available": true, "module_name": "ProxySG 9000-10 [1], 9000-20 [2] and 9000-20B [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 9000 is one of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1767", "Certificate Number": "1767", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 900-10 [1], 900-10B [2], 900-20 [3], 900-30 [4], 900-45 [5] and 900-55 [6]", "Module Type": "Hardware", "Validation Date": "07/27/201208/07/201208/16/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1767.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1767", "detail_available": true, "module_name": "ProxySG 900-10 [1], 900-10B [2], 900-20 [3], 900-30 [4], 900-45 [5] and 900-55 [6]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 900 is one of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1766", "Certificate Number": "1766", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 9000-10 [1], 9000-20 [2], 9000-20B [3], 9000-30 [4] and 9000-40 [5]", "Module Type": "Hardware", "Validation Date": "07/27/201208/07/201208/16/201209/27/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1766.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1766", "detail_available": true, "module_name": "ProxySG 9000-10 [1], 9000-20 [2], 9000-20B [3], 9000-30 [4] and 9000-40 [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 9000 is one of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1765", "Certificate Number": "1765", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Java Module", "Module Type": "Software", "Validation Date": "07/31/201210/10/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1765.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1765", "detail_available": true, "module_name": "BlackBerry Cryptographic Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry® Cryptographic Java Module is a software module that provides cryptographic services to BlackBerry® products such as the BlackBerry® PlayBook Administration Service, and other BlackBerry® products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1764", "Certificate Number": "1764", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "IDProtect Duo with PIV", "Module Type": "Hardware", "Validation Date": "08/23/201204/12/201302/06/201405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1764.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1764", "detail_available": true, "module_name": "IDProtect Duo with PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 2. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high performance government and enterprise smart card applications.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1763", "Certificate Number": "1763", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola PTP 800 Series CMU Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1763.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1763", "detail_available": true, "module_name": "Motorola PTP 800 Series CMU Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Operating in the 6 to 38 GHz RF bands at up to 368 Mbps throughput (full duplex) and with user-configured channel bandwidths from 7 to 56 MHz, the Motorola Point-to-Point 800 Series of Licensed Ethernet Microwave solutions offer operators a highly reliable licensed band wireless solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1762", "Certificate Number": "1762", "Vendor Name": "INSIDE Secure", "Module Name": "VaultIC420™, VaultIC440™ and VaultIC460™", "Module Type": "Hardware", "Validation Date": "07/27/201209/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1762.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1762", "detail_available": true, "module_name": "VaultIC420™, VaultIC440™ and VaultIC460™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The VaultIC™ 420, VaultIC™ 440 and VaultIC™ 460 is an Application Specific Standard Product (ASSP) designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1761", "Certificate Number": "1761", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola PTP 600 Series Point to Point Wireless Ethernet Bridges", "Module Type": "Hardware", "Validation Date": "07/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1761.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1761", "detail_available": true, "module_name": "Motorola PTP 600 Series Point to Point Wireless Ethernet Bridges", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "PTP 600 Series Ethernet bridges offer high performance connectivity and backhaul in challenging non-line-of-sight environments. With carrier-grade reliability, PTP 600 links have class-leading sensitivity and power output which enable links to go farther, while sustaining high throughput regardless of conditions. With data rates up to 300 Mbps and reaching distances up to 124 miles, this Series of high-performance and secure wireless bridges make cost-effective connectivity and backhaul a reality for a wide range of enterprises, service providers and public safety organizations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1760", "Certificate Number": "1760", "Vendor Name": "Catbird Networks, Inc.", "Module Name": "Catbird vSecurity Crypto Module v1.0", "Module Type": "Software", "Validation Date": "07/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1760.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1760", "detail_available": true, "module_name": "Catbird vSecurity Crypto Module v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Catbird is the industry pioneer in security and compliance for virtualized environments, a four-time Best of Show Finalist at VMworld and a Gartner Group Cool Vendor 2011. Catbird's comprehensive protection includes monitoring and enforcement of PCI, NIST, HIPAA, FISMA, DIACAP and other requirements in virtual environments. Maintaining regulatory and corporate compliance in the new data center and eliminating uncertainty over secure virtualization, Catbird's protection keeps Tier-1 application deployment plans on track.", "algorithms": [ "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1759", "Certificate Number": "1759", "Vendor Name": "Cummings Engineering Consultants, Inc.", "Module Name": "Cummings Engineering's Secure Mobility Suite B Crypto Module", "Module Type": "Software", "Validation Date": "07/27/201204/19/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1759.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1759", "detail_available": true, "module_name": "Cummings Engineering's Secure Mobility Suite B Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cummings Engineering is a leading provider of mobility innovation providing state-of-the art advanced cryptography and enterprise solutions in both commercial and government markets. Cummings Engineering has multiple patents/patents-pending in the secure communications domain and has made breakthroughs around MDM, Secure Smartphones, and more. Cummings Engineering is committed to providing best-in-class products and services to protect the privacy and data of US Citizens.", "algorithms": [ "ECDSA", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1758", "Certificate Number": "1758", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "07/27/201210/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1758.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1758", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. The Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the module if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library version 1.0.0-20.el6 delivered with RHEL 6.2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1757", "Certificate Number": "1757", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 6.2 Libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "07/27/201210/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1757.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1757", "detail_available": true, "module_name": "Red Hat Enterprise Linux 6.2 Libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. The Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the module if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The libgcrypt FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the libgcrypt library version 1.4.5-9.e16 delivered with RHEL 6.2.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1756", "Certificate Number": "1756", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "NetScreen-ISG 1000 [1] and NetScreen-ISG 2000 [2]", "Module Type": "Hardware", "Validation Date": "07/27/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1756.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1756", "detail_available": true, "module_name": "NetScreen-ISG 1000 [1] and NetScreen-ISG 2000 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1755", "Certificate Number": "1755", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "NetScreen-5200 [1] and Netscreen-5400 [2]", "Module Type": "Hardware", "Validation Date": "07/27/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1755.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1755", "detail_available": true, "module_name": "NetScreen-5200 [1] and Netscreen-5400 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1754", "Certificate Number": "1754", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS™", "Module Type": "Firmware", "Validation Date": "07/17/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1754.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1754", "detail_available": true, "module_name": "FortiOS™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet's FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1753", "Certificate Number": "1753", "Vendor Name": "Utimaco® Safeware AG", "Module Name": "SafeGuard® CryptoServer Se", "Module Type": "Hardware", "Validation Date": "07/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1753.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1753", "detail_available": true, "module_name": "SafeGuard® CryptoServer Se", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SafeGuard® CryptoServer Se is an encapsulated, protected hardware security module which provides secure cryptographic services like encryption or decryption (for various cryptographic algorithms like Triple-DES, RSA and AES), hashing, signing, and verification of data (RSA, ECDSA), random number generation, on-board secure key generation, key storage and further key management functions in a tamper-protected environment. The module is optionally available with or without RSA Crypto Accelerator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1752", "Certificate Number": "1752", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "06/27/201207/18/201212/12/201201/10/201401/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1752.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1752", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1751", "Certificate Number": "1751", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "06/27/201207/18/201212/12/201201/10/201401/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1751.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1751", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio system products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1750", "Certificate Number": "1750", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "IDProtect Key with LASER PKI", "Module Type": "Hardware", "Validation Date": "07/17/201204/12/201305/28/201403/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1750.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1750", "detail_available": true, "module_name": "IDProtect Key with LASER PKI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1749", "Certificate Number": "1749", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "IDProtect Duo with LASER PKI", "Module Type": "Hardware", "Validation Date": "07/17/201204/12/201305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1749.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1749", "detail_available": true, "module_name": "IDProtect Duo with LASER PKI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "AES", "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1748", "Certificate Number": "1748", "Vendor Name": "Vocality International Ltd", "Module Name": "BASICS IP PC104", "Module Type": "Hardware", "Validation Date": "06/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1748.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1748", "detail_available": true, "module_name": "BASICS IP PC104", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When configured in FIPS mode as specified in Section 8 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The BASICS IP PC104 unit is a high-performance 10/100base-T Router which incorporates a cryptographic module. It provides 3 independently routable subnets; one for the uplink port, one for the downlink port and one for the four Ethernet switch ports which are also IEEE802.1q VLAN and Power-over-Ethernet (PoE) capable. It can also bridge network traffic to the uplink port from any IP device connected to its Downlink port. It may be used as a simple switch or a sophisticated secure multiprotocol IP router and can also power a group of SIP VoIP phones." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1747", "Certificate Number": "1747", "Vendor Name": "OpenSSL Software Services Inc.", "Module Name": "OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "06/27/201207/09/201207/18/201210/24/201201/22/201302/06/201302/22/201302/28/201303/28/201305/16/201306/14/201308/16/201308/23/201311/08/201312/20/201306/27/201407/03/201409/02/201409/12/201410/16/201412/31/201406/15/201509/04/201501/25/201601/10/201701/30/201712/18/201704/19/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1747.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1747", "detail_available": true, "module_name": "OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Object Module 2.0 is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.", "algorithms": [ "AES", "CVL", "DRBG", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1746", "Certificate Number": "1746", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1746.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1746", "detail_available": true, "module_name": "nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500, and nShield F3 500 for netHSM family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1745", "Certificate Number": "1745", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Data Security Server Module", "Module Type": "Hardware", "Validation Date": "06/25/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1745.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1745", "detail_available": true, "module_name": "Vormetric Data Security Server Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Vormetric Data Security Server is a multi-chip standalone cryptographic module. The Vormetric Data Security Server is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Encryption Expert Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1744", "Certificate Number": "1744", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "Module Type": "Hardware", "Validation Date": "06/25/201208/16/201310/25/201310/31/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1744.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1744", "detail_available": true, "module_name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1743", "Certificate Number": "1743", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 6000e [1], nShield F2 1500e [2], nShield F2 500e [3] and nShield F2 10e [4]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1743.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1743", "detail_available": true, "module_name": "nShield F2 6000e [1], nShield F2 1500e [2], nShield F2 500e [3] and nShield F2 10e [4]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F2 6000e, Shield F2 1500e, nShield F2 500e, and nShield 10e family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1742", "Certificate Number": "1742", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1742.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1742", "detail_available": true, "module_name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1741", "Certificate Number": "1741", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 500 [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1741.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1741", "detail_available": true, "module_name": "nShield F3 500 [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 500, Shield F3 500 for NetHSM, and nShield F3 10 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1740", "Certificate Number": "1740", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 500 [1] and nShield F2 10 PCI [2]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1740.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1740", "detail_available": true, "module_name": "nShield F2 500 [1] and nShield F2 10 PCI [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 500 & nShield F2 10 PCI family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1739", "Certificate Number": "1739", "Vendor Name": "nCipher Security Limited", "Module Name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "Module Type": "Hardware", "Validation Date": "06/25/201208/16/201310/25/201310/28/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1739.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1739", "detail_available": true, "module_name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1738", "Certificate Number": "1738", "Vendor Name": "nCipher Security Limited", "Module Name": "nToken", "Module Type": "Hardware", "Validation Date": "06/25/201211/24/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1738.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1738", "detail_available": true, "module_name": "nToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1737", "Certificate Number": "1737", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F2 4000 [1], nShield F2 2000 [2] and nShield F2 500 [3]", "Module Type": "Hardware", "Validation Date": "06/25/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1737.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1737", "detail_available": true, "module_name": "nShield F2 4000 [1], nShield F2 2000 [2] and nShield F2 500 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 4000, nShield F2 2000, and nShield F2 500 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1736", "Certificate Number": "1736", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 600-10 [1], 600-20 [2] and 600-35 [3]", "Module Type": "Hardware", "Validation Date": "06/21/201207/24/201208/07/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1736.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1736", "detail_available": true, "module_name": "ProxySG 600-10 [1], 600-20 [2] and 600-35 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 600 is one of several appliance lines offered by Blue Coat", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1735", "Certificate Number": "1735", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/VM® Version 6 Release 1 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "06/25/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1735.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1735", "detail_available": true, "module_name": "IBM® z/VM® Version 6 Release 1 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1734", "Certificate Number": "1734", "Vendor Name": "Kingston Technology Company, Inc.", "Module Name": "IronKey S250/D250", "Module Type": "Hardware", "Validation Date": "06/21/201203/08/201605/26/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1734.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1734", "detail_available": true, "module_name": "IronKey S250/D250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey S250/D250 Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA, and DRBG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1733", "Certificate Number": "1733", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "Module Type": "Hardware", "Validation Date": "06/20/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1733.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1733", "detail_available": true, "module_name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1732", "Certificate Number": "1732", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Enterprise Vault Cryptographic Module", "Module Type": "Software", "Validation Date": "06/20/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1732.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1732", "detail_available": true, "module_name": "Symantec Enterprise Vault Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1012 operating in FIPS mode or Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Symantec Enterprise Vault Cryptographic Module is a multi-chip standalone physical embodiment. The module consists of a DLL which interfaces with the Microsoft Cryptographic API to provide the required cryptographic functionality. The Enterprise Vault Cryptographic Module may be used for encryption/decryption of Enterprise Vault passwords, hashing of indexes, and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1731", "Certificate Number": "1731", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 320M and SSG 350M", "Module Type": "Hardware", "Validation Date": "06/12/201207/24/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1731.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1731", "detail_available": true, "module_name": "SSG 320M and SSG 350M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1730", "Certificate Number": "1730", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SSG 520M and SSG 550M", "Module Type": "Hardware", "Validation Date": "06/12/201207/24/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1730.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1730", "detail_available": true, "module_name": "Juniper Networks SSG 520M and SSG 550M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1729", "Certificate Number": "1729", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Software", "Validation Date": "06/08/201210/31/201412/31/201405/08/201512/03/201503/15/201605/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1729.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1729", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1728", "Certificate Number": "1728", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "Module Type": "Hardware", "Validation Date": "06/01/201206/21/201203/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1728.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1728", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM2 Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM2 Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1727", "Certificate Number": "1727", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 620, 650 and Dell W-620, W-650 Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "07/24/201201/24/201307/26/201301/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1727.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1727", "detail_available": true, "module_name": "Aruba 620, 650 and Dell W-620, W-650 Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system completely changes how 802.11 networks are deployed, secured, and managed. The only mobile security system with an integrated ICSA-certified stateful firewall and hardware-based encryption, the Aruba mobility controller is the industry's highest performing and most scalable enterprise mobility platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1726", "Certificate Number": "1726", "Vendor Name": "Voltage Security, Inc.", "Module Name": "Voltage IBE Cryptographic Module for z/OS", "Module Type": "Software-Hybrid", "Validation Date": "05/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1726.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1726", "detail_available": true, "module_name": "Voltage IBE Cryptographic Module for z/OS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Voltage IBE Cryptographic Module for z/OS Version 4.0 is a FIPS 140-2 Level 1 compliant software-hybrid module that provides encrypt/decrypt and cryptographic signature services for Internet Protocol (IP) traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1725", "Certificate Number": "1725", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal mRevenector DE 2011", "Module Type": "Hardware", "Validation Date": "05/29/201201/22/201303/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1725.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1725", "detail_available": true, "module_name": "Postal mRevenector DE 2011", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia Postal mRevenector DE 2011 employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal mRevenector DE 2011 has been designed in compliance with the Deutsche Post (DPAG), FRANKIT Specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1724", "Certificate Number": "1724", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "Hughes SPACEWAY Crypto Kernel", "Module Type": "Firmware", "Validation Date": "05/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1724.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1724", "detail_available": true, "module_name": "Hughes SPACEWAY Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The HSCK v1.0 is a firmware library that provides cryptographic functionality for securing communications over the Hughes SPACEWAY Satellite communication systems. SPACEWAY enables a full-mesh digital network that interconnects with a wide range of end-user equipment and systems.", "algorithms": [ "AES", "DRBG", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1723", "Certificate Number": "1723", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 140", "Module Type": "Hardware", "Validation Date": "05/23/201207/24/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1723.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1723", "detail_available": true, "module_name": "SSG 140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1722", "Certificate Number": "1722", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal mRevenector US 2011", "Module Type": "Hardware", "Validation Date": "05/23/201201/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1722.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1722", "detail_available": true, "module_name": "Postal mRevenector US 2011", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia Postal mRevenector US 2011 employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal mRevenector US 2011 has been designed in compliance with the United States Postal Services (USPS), Information-Based Indicia Program (IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1721", "Certificate Number": "1721", "Vendor Name": "Vormetric, Inc.", "Module Name": "Vormetric Encryption Expert Cryptographic Module", "Module Type": "Software", "Validation Date": "05/23/201206/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1721.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1721", "detail_available": true, "module_name": "Vormetric Encryption Expert Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Vormetric Encryption Expert Cryptographic Module is a loadable kernel module also known as \"SECFS\" (SECure File System). This module is a file system layer that enforces an access and encryption policy upon selected data on end-user systems. The policy specifies a key to be used when writing data to disk and while reading data from disk. This module contains the Vormetric Encryption Expert Cryptographic Library, which provides all cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1720", "Certificate Number": "1720", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "mRevenector 2011", "Module Type": "Hardware", "Validation Date": "05/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1720.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1720", "detail_available": true, "module_name": "mRevenector 2011", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "mRevenector2011 is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of the mRevenector2011 is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1719", "Certificate Number": "1719", "Vendor Name": "Green Hills Software", "Module Name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "Module Type": "Software", "Validation Date": "05/22/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1719.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1719", "detail_available": true, "module_name": "INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Green Hills Software, Integrity Security Services (ISS) High Assurance Embedded Cryptographic Toolkit (HA-ECT) is a standards-based, flexible cryptographic toolkit providing developers with a software framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. The ISS HA-ECT FIPS Module is designed to support multiple cryptographic software and hardware providers with a single common API, easily targeted to a variety operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1718", "Certificate Number": "1718", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks LN1000 Mobile Secure Router", "Module Type": "Hardware", "Validation Date": "05/07/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1718.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1718", "detail_available": true, "module_name": "Juniper Networks LN1000 Mobile Secure Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks LN1000 Mobile Secure Router is an edge access router that delivers a high-performance routing firewall and intrusion detection service (IDS). The LN1000 addresses the growing demand for a network access presence in military, first responder and transportation vehicles, mining and exploration equipment, unmanned aircraft, and power grids." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1717", "Certificate Number": "1717", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506-E [1], Catalyst 6509-E [2] and Catalyst 6513-E [3] Switches with Supervisor Cards (VS-S2T-10G or VS-S2T-10G-XL) and Line Cards (WS-X6908-10G or WS-X6908-10G-2TXL)", "Module Type": "Hardware", "Validation Date": "05/03/201212/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1717.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1717", "detail_available": true, "module_name": "Cisco Catalyst 6506-E [1], Catalyst 6509-E [2] and Catalyst 6513-E [3] Switches with Supervisor Cards (VS-S2T-10G or VS-S2T-10G-XL) and Line Cards (WS-X6908-10G or WS-X6908-10G-2TXL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco switches easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1716", "Certificate Number": "1716", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/02/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1716.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1716", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1715", "Certificate Number": "1715", "Vendor Name": "Hewlett-Packard Development Company, L.P.", "Module Name": "HP MSM430 Dual Radio 802.11N TAA AP [1], HP MSM430 Dual Radio 802.11N AP (WW) [2], HP MSM430 Dual Radio 802.11N AP (JP) [3], HP MSM460 Dual Radio 802.11N TAA AP [4], HP MSM460 Dual Radio 802.11N AP (WW) [5], HP MSM460 Dual Radio 802.11N AP (JP) [6], HP MSM466 Dual Radio 802.11N TAA AP [7], HP MSM466 Dual Radio 802.11N AP (WW) [8] and HP MSM466 Dual Radio 802.11N AP (JP) [9]", "Module Type": "Hardware", "Validation Date": "05/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1715.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1715", "detail_available": true, "module_name": "HP MSM430 Dual Radio 802.11N TAA AP [1], HP MSM430 Dual Radio 802.11N AP (WW) [2], HP MSM430 Dual Radio 802.11N AP (JP) [3], HP MSM460 Dual Radio 802.11N TAA AP [4], HP MSM460 Dual Radio 802.11N AP (WW) [5], HP MSM460 Dual Radio 802.11N AP (JP) [6], HP MSM466 Dual Radio 802.11N TAA AP [7], HP MSM466 Dual Radio 802.11N AP (WW) [8] and HP MSM466 Dual Radio 802.11N AP (JP) [9]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The MSM430, MSM460 and MSM466 Access Points allow wireless devices to connect to a wired network using Wi-Fi 802.11abgn." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1714", "Certificate Number": "1714", "Vendor Name": "Honeywell Scanning and Mobility (HSM) - USA", "Module Name": "Scanning and Mobility FIPS Module", "Module Type": "Firmware", "Validation Date": "07/11/201207/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1714.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1714", "detail_available": true, "module_name": "Scanning and Mobility FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Honeywell Scanning and Mobility FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Honeywell Scanning and Mobility FIPS Module is part of the Honeywell Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1713", "Certificate Number": "1713", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Library", "Module Type": "Software", "Validation Date": "05/03/201201/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1713.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1713", "detail_available": true, "module_name": "BlackBerry Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry® Cryptographic Library is a software module that provides cryptographic services to many BlackBerry® desktop products such as the BlackBerry® Enterprise Server, BlackBerry® Desktop Software, and many other BlackBerry® products.", "algorithms": [ "AES", "DES", "ECDSA", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1712", "Certificate Number": "1712", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender 2000", "Module Type": "Hardware", "Validation Date": "05/03/201212/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1712.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1712", "detail_available": true, "module_name": "Kanguru Defender 2000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender 2000 is a 256-bit AES hardware encrypted USB flash drive. It is used to securely store sensitive data housed on the device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1711", "Certificate Number": "1711", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "IDProtect with LASER PKI", "Module Type": "Hardware", "Validation Date": "04/30/201204/12/201305/28/201403/07/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1711.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1711", "detail_available": true, "module_name": "IDProtect with LASER PKI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.", "algorithms": [ "DRBG", "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1710", "Certificate Number": "1710", "Vendor Name": "Red Hat®, Inc.", "Module Name": "NSS Freebl Cryptographic Module", "Module Type": "Software", "Validation Date": "04/30/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1710.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1710", "detail_available": true, "module_name": "NSS Freebl Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The NSS Freebl cryptographic module is an open-source, general-purpose cryptographic hash library. It is available for free under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. The NSS Freebl cryptographic module is jointly developed by Red Hat and Oracle engineers and is used in the GNU glibc library. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1709", "Certificate Number": "1709", "Vendor Name": "Hewlett-Packard TippingPoint", "Module Name": "HP TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "04/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1709.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1709", "detail_available": true, "module_name": "HP TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1708", "Certificate Number": "1708", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5]", "Module Type": "Hardware", "Validation Date": "04/27/201203/08/201308/16/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1708.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1708", "detail_available": true, "module_name": "nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1707", "Certificate Number": "1707", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail-3000C", "Module Type": "Hardware", "Validation Date": "04/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1707.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1707", "detail_available": true, "module_name": "FortiMail-3000C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FortiMail family of messaging security appliances provide an effective barrier against the ever-rising volume of spam, maximum protection against sophisticated message based attacks, and features designed to facilitate regulatory compliance. FortiMail appliances offer both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1706", "Certificate Number": "1706", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail™ OS", "Module Type": "Firmware", "Validation Date": "04/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1706.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1706", "detail_available": true, "module_name": "FortiMail™ OS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "FortiMail OS is a firmware based operating system that runs exclusively on Fortinet’s FortiMail product family (PC-based, purpose built appliances). FortiMail offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1705", "Certificate Number": "1705", "Vendor Name": "nCipher Security Limited", "Module Name": "nShield F3 500 PCI [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3]", "Module Type": "Hardware", "Validation Date": "04/12/201203/08/201308/09/201311/16/201501/29/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1705.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1705", "detail_available": true, "module_name": "nShield F3 500 PCI [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 500, F3 500 for NetHSM, & nShield F3 10 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1704", "Certificate Number": "1704", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX650 Services Gateways", "Module Type": "Hardware", "Validation Date": "04/05/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1704.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1704", "detail_available": true, "module_name": "Juniper Networks SRX650 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. All SRX Series Services Gateways, including products scaled for the branch, campus and data center applications, are powered by Juniper Networks JUNOS the proven" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1703", "Certificate Number": "1703", "Vendor Name": "S&C Electric Company", "Module Name": "IntelliCom WAN 1720", "Module Type": "Hardware", "Validation Date": "04/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1703.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1703", "detail_available": true, "module_name": "IntelliCom WAN 1720", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "IntelliCom™ WAN Mesh Node, a wireless high-speed wide-area networking router that combines ultra-high throughput - up to 400 Mbps - with extremely low latencies of less than one millisecond. IntelliCom WAN Mesh Node features 802.11n mesh radio latencies of less than one millisecond. IntelliCom WAN Mesh Node features 802.11n mesh radio unlicensed bands as well as the 4.9-GHz municipal licensed band. This network architecture is selfforming and self-healing; communication is not inhibited by the loss of any single node." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1702", "Certificate Number": "1702", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Authority™ Security Kernel", "Module Type": "Software", "Validation Date": "04/12/201210/18/201305/28/201401/08/201608/29/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1702.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1702", "detail_available": true, "module_name": "Entrust Authority™ Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "By managing the full lifecycles of digital certificate-based identities, Entrust Authority PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and transparently applied across a broad range of applications and platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1701", "Certificate Number": "1701", "Vendor Name": "Apple Inc.", "Module Name": "Apple FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/30/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1701.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1701", "detail_available": true, "module_name": "Apple FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Apple's OS X Lion (v10.7) security services are now built on a newer 'Next Generation Cryptography' platform and does not use the CDSA/CSP module previously validated. Apple is re-validating the same CDSA/CSP module under OS X Lion to provide validation solely for third-party applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1700", "Certificate Number": "1700", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 881W and Cisco 881GW Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "03/28/201204/02/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1700.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1700", "detail_available": true, "module_name": "Cisco 881W and Cisco 881GW Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 881W and Cisco 881GW Integrated Services Routers (ISR) provide connectivity and security services in a single, secure device. These routers offer broadband speeds and simplified management to small businesses, and enterprise small branch and teleworkers. The module is also a wireless access point that provide secure wireless access to clients." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1699", "Certificate Number": "1699", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee EMM Cryptographic Module", "Module Type": "Software", "Validation Date": "03/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1699.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1699", "detail_available": true, "module_name": "McAfee EMM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with module Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The McAfee EMM Cryptographic Module provides cryptographic operations for McAfee Enterprise Mobility Manager, an enterprise class security solution which provides centralized mobile device management, provisioning, security, support, and auditing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1698", "Certificate Number": "1698", "Vendor Name": "Hitachi Solutions, Ltd.", "Module Name": "HIBUN Cryptographic Module for Pre-boot", "Module Type": "Software", "Validation Date": "03/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1698.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1698", "detail_available": true, "module_name": "HIBUN Cryptographic Module for Pre-boot", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "HIBUN Cryptographic Module for Pre-boot is the cryptographic library module which operates on the Pre-boot environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1697", "Certificate Number": "1697", "Vendor Name": "Hitachi Solutions, Ltd.", "Module Name": "HIBUN Cryptographic Module for Kernel-Mode", "Module Type": "Software", "Validation Date": "03/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1697.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1697", "detail_available": true, "module_name": "HIBUN Cryptographic Module for Kernel-Mode", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "HIBUN Cryptographic Module for Kernel-Mode is the cryptographic library module which operates on the Windows Kernel-Mode. Full listing of testing configuration: Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit (single-user mode)" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1696", "Certificate Number": "1696", "Vendor Name": "Hitachi Solutions, Ltd.", "Module Name": "HIBUN Cryptographic Module for User-Mode", "Module Type": "Software", "Validation Date": "03/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1696.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1696", "detail_available": true, "module_name": "HIBUN Cryptographic Module for User-Mode", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "HIBUN Cryptographic Module for User-Mode is the cryptographic library module which operates on the Windows User-Mode and Linux User-Mode. Full testing configuration: Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit; Linux Kernel 2.6 (Fedora 12) (single-user mode)" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1695", "Certificate Number": "1695", "Vendor Name": "NEC Corporation", "Module Name": "iPASOLINK MODEM AES Card", "Module Type": "Hardware", "Validation Date": "05/18/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1695.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1695", "detail_available": true, "module_name": "iPASOLINK MODEM AES Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "iPASOLINK is NEC's most advanced and comprehensive optical and radio converged transport product family, in which iPASOLINK MODEM AES Card is implemented as a cryptographic module. The module provides encryption/decryption services by AES-CTR." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1694", "Certificate Number": "1694", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/30/201209/27/201201/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1694.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1694", "detail_available": true, "module_name": "Luna® PCI-e Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1693", "Certificate Number": "1693", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/28/201209/27/201201/10/201706/23/201706/23/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1693.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1693", "detail_available": true, "module_name": "Luna® PCI-e Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1692", "Certificate Number": "1692", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 13 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "03/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1692.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1692", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 13 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1691", "Certificate Number": "1691", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1691.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1691", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1690", "Certificate Number": "1690", "Vendor Name": "Gemalto", "Module Name": "Protiva PIV v1.55 on TOP DL v2", "Module Type": "Hardware", "Validation Date": "03/09/201202/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1690.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1690", "detail_available": true, "module_name": "Protiva PIV v1.55 on TOP DL v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module TOP DL v2 validated to FIPS 140-2 under Cert. #1450 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory and the Protiva PIV Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1689", "Certificate Number": "1689", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Unified IP Phone 7906G, 7911G, 7931G, 7941G, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G, 7971GE and 7975G", "Module Type": "Hardware", "Validation Date": "03/09/201212/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1689.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1689", "detail_available": true, "module_name": "Cisco Unified IP Phone 7906G, 7911G, 7931G, 7941G, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G, 7971GE and 7975G", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Unified IP Phones 7900 Series deliver cost-effective, full-featured voice communication services in a clutter-free and earth-friendly, ergonomic design." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1688", "Certificate Number": "1688", "Vendor Name": "Seagate Technology LLC", "Module Name": "Momentus® FDE Attached Storage Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "03/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1688.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1688", "detail_available": true, "module_name": "Momentus® FDE Attached Storage Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. Files distributed with the module mounted within the CD Drive are excluded from the validation.", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Momentus® Attached Storage FDE Drives, FIPS 140 Modules are FIPS 140-2 Level 2 modules which provide full disk encryption with user authentication These products are designed to prevent data breaches due to loss or theft on the road, in the office. The cryptographic module provides a wide range of cryptographic services using FIPS approved algorithms in DriveTrust Security Mode. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, and authenticated FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1687", "Certificate Number": "1687", "Vendor Name": "Mitsubishi Space Software Co., Ltd.", "Module Name": "Command Encryption Module", "Module Type": "Firmware", "Validation Date": "03/30/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1687.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1687", "detail_available": true, "module_name": "Command Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the Operational Environment configuration specified on the reverse with the Firewall configured per Section 11 in the Security Policy", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1686", "Certificate Number": "1686", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption Client Windows Cryptographic Module 1.0 [1] and McAfee Endpoint Encryption Client Preboot Cryptographic Module 1.0 [2]", "Module Type": "Software", "Validation Date": "03/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1686.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1686", "detail_available": true, "module_name": "McAfee Endpoint Encryption Client Windows Cryptographic Module 1.0 [1] and McAfee Endpoint Encryption Client Preboot Cryptographic Module 1.0 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1685", "Certificate Number": "1685", "Vendor Name": "ZyFLEX Technologies Incorporation", "Module Name": "ZyFLEX Crypto Module ZCM-100", "Module Type": "Hardware", "Validation Date": "03/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1685.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1685", "detail_available": true, "module_name": "ZyFLEX Crypto Module ZCM-100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "ZyFLEX Crypto Module ZCM-100 is a hardware multichip embedded module that targets high speed data link layer (OSI layer 2) secure data transmission applications in an IP-based network. ZCM-100 implements AES-256 encryption/decryption algorithms and other Approved security functions by using both hardware FPGA circuitry and a 32-bit microcontroller. Its miniaturized size and low power consumption features make ZCM-100 suitably fit in a portable wireless communication device such as a handheld radio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1684", "Certificate Number": "1684", "Vendor Name": "Symantec Corporation", "Module Name": "PGP Cryptographic Engine", "Module Type": "Software", "Validation Date": "02/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1684.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1684", "detail_available": true, "module_name": "PGP Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP Cryptographic Engine includes a wide range of field-tested and standards-based encryption, and encoding algorithms used by PGP Whole Disk Encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1683", "Certificate Number": "1683", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard Communication Server", "Module Type": "Software", "Validation Date": "02/15/201208/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1683.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1683", "detail_available": true, "module_name": "Lenel OnGuard Communication Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with [(Windows 7 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1330 operating in FIPS mode) or (Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode)]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Lenel OnGuard Communication Server module's primary purpose is to provide secure communications with external access control devices. The module is part of the Lenel's advanced access control and alarm monitoring system. The Lenel advanced access control and alarm monitoring system is built on an open architecture platform, offers unlimited scalability, database segmentation, fault tolerance, and biometrics and smart card support. The Lenel advanced access control and alarm monitoring system is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1682", "Certificate Number": "1682", "Vendor Name": "Voltage Security, Inc.", "Module Name": "Voltage IBE Cryptographic Module", "Module Type": "Software", "Validation Date": "02/14/201202/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1682.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1682", "detail_available": true, "module_name": "Voltage IBE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Voltage IBE Cryptographic Module implements the following algorithms: DSA; TDES; AES (ECB, CBC, CFB, OFB, FPE); DRNG; DRBG; SHS; HMAC; CMAC; RSA; DH; BF IBE; BB1 IBE; MD; DES" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1681", "Certificate Number": "1681", "Vendor Name": "Symantec Corporation", "Module Name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "Module Type": "Software", "Validation Date": "02/28/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1681.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1681", "detail_available": true, "module_name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP Software Developer's Kit (SDK) Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1680", "Certificate Number": "1680", "Vendor Name": "Absolute Software Corporation", "Module Name": "Absolute Encryption Engine", "Module Type": "Software", "Validation Date": "02/14/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1680.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1680", "detail_available": true, "module_name": "Absolute Encryption Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Absolute Software Corporation provides security products for the central management of all IT assets. The Absolute Encryption Engine is a dynamic-linked library (DLL) defined as the encryption module on the client and server callable by applications via an Application Programming Interface (API). The module is currently used by the Absolute Computrace product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1679", "Certificate Number": "1679", "Vendor Name": "Senetas Corporation Ltd.", "Module Name": "CN1000 Fibre Channel Encryptor", "Module Type": "Hardware", "Validation Date": "02/14/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1679.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1679", "detail_available": true, "module_name": "CN1000 Fibre Channel Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CN1000 Fibre Channel Encryptor is a high-speed, standards based, encryptor specifically designed to secure data transmitted over Fibre Channel point-to-point networks at line rates up to 4.25Gb/s. Data privacy is provided by FIPS approved AES algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1678", "Certificate Number": "1678", "Vendor Name": "Giesecke & Devrient", "Module Name": "StarSign Crypto USB Token powered by Sm@rtCafé Expert 6.0", "Module Type": "Hardware", "Validation Date": "02/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1678.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1678", "detail_available": true, "module_name": "StarSign Crypto USB Token powered by Sm@rtCafé Expert 6.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafT Expert 6.0 is a Java Card 3 and Global Platform v2.1.1 compliant smart card module supporting both contact and contactless interfaces. It also supports, at a minimum, RSA up to 2048 bits(RSA and RSA-CRT) with on-card key generation, Hash algorithms(including SHA256), AES(up to 256 bits), ECDSA, and Triple-DES. The Sm@rtCafT Expert 6.0 is suitable for government and corporate identification, payment and banking, health care, and Web applications.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1677", "Certificate Number": "1677", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption Disk Driver Cryptographic Module 1.0", "Module Type": "Software", "Validation Date": "02/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1677.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1677", "detail_available": true, "module_name": "McAfee Endpoint Encryption Disk Driver Cryptographic Module 1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1676", "Certificate Number": "1676", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Java Cryptographic Module Version 1.1", "Module Type": "Software", "Validation Date": "03/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1676.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1676", "detail_available": true, "module_name": "Symantec Java Cryptographic Module Version 1.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module RSA BSAFE® Crypto-J Software Module validated to FIPS 140-2 under Cert. #1291 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Java Cryptographic Module Version 1.1 provides a comprehensive set of cryptographic services for Symantec products including, but not limited to, the Symantec Data Loss Prevention Suite.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1675", "Certificate Number": "1675", "Vendor Name": "Uplogix, Inc.", "Module Name": "Uplogix 430 [1] and 3200 [2]", "Module Type": "Hardware", "Validation Date": "02/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1675.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1675", "detail_available": true, "module_name": "Uplogix 430 [1] and 3200 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Uplogix is a network independent management platform that locates with - and directly connects to - managed devices. Standing alone or augmenting existing centralized management tools, Uplogix provides configuration, performance and security management actions that are best performed locally. Local Management reduces operational costs, speeds problem resolution, and improves security and compliance versus centralized-only management. Our local focus on network device automation enables the transition to more network sensitive cloud and virtual infrastructure technologies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1674", "Certificate Number": "1674", "Vendor Name": "Avaya, Inc.", "Module Name": "Secure Router 4134", "Module Type": "Hardware", "Validation Date": "02/06/201201/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1674.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1674", "detail_available": true, "module_name": "Secure Router 4134", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, the tamper evident seals are installed as indicated in the Security Policy and with all interface card slots filled or covered", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Secure Router 4134 is a modular, multi-service branch router that combine IP routing, wide-area networking (WAN), voice/PSTN gateway and security services in a single platform. With advanced services - including IPv4/IPv6 routing, high-performance WAN, SIP survivable gateway, and IPSec VPN and firewall security - they are well-suited to address enterprise branch, regional and even headquarter WAN routing needs.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1673", "Certificate Number": "1673", "Vendor Name": "Avaya, Inc.", "Module Name": "Secure Router 2330", "Module Type": "Hardware", "Validation Date": "02/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1673.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1673", "detail_available": true, "module_name": "Secure Router 2330", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode, the tamper evident seals are installed as indicated in the Security Policy, with all interface card slots filled or covered", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Secure Router 2330 is a modular, multi-service branch router that combine IP routing, wide-area networking (WAN), voice/PSTN gateway and security services in a single platform. With advanced services - including IPv4/IPv6 routing, high-performance WAN, SIP survivable gateway, and IPSec VPN and firewall security - they are well-suited to address enterprise branch, regional and even headquarter WAN routing needs.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1672", "Certificate Number": "1672", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 13 ICSF PKCS#11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "02/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1672.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1672", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 13 ICSF PKCS#11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The ICSF PKCS #11 module consists of software-based cryptographic algorithms, as well as symmetric and hashing algorithms provided by the CP Assist for Cryptographic Function (CPACF) and RSA Hardware clear key modular math cryptography provided through the Crypto Express3 card (CEX3A). The RSA hardware support is accessed through auxiliary module CSFINPVT which acts as a pipe between ICSF PKCS #11 and the cryptographic cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1671", "Certificate Number": "1671", "Vendor Name": "Sensage, Inc.", "Module Name": "CryptoCore Module", "Module Type": "Software", "Validation Date": "02/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1671.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1671", "detail_available": true, "module_name": "CryptoCore Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Sensage’s purpose-built event data warehouse products enable users to easily collect and store large volumes of log and event data, while also providing an ability to query and perform analyses on the event data that are available. Their Private Encryption File System solution gives product administrators the ability to employ FIPS-validated encryption and decryption on stored data, providing protection of data-at-rest (log files, configuration files, and other stored data) within the product.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1670", "Certificate Number": "1670", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "CAT862 Dolby JPEG 2000/MPEG-2 Media Block IDC", "Module Type": "Hardware", "Validation Date": "02/02/201202/09/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1670.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1670", "detail_available": true, "module_name": "CAT862 Dolby JPEG 2000/MPEG-2 Media Block IDC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CAT862 Dolby JPEG2000/MPEG2 Media Block IDC performs all the cryptography, license management, and video decoding functions for the DSS200 Dolby Screen Server, which forms the nucleus of the Dolby Digital Cinema system. The system offers superb picture quality and outstanding reliability. It includes support for JPEG 2000 playback, as specified by DCI, and MPEG-2 for compatibility with alternative content such as preshow advertising. The system also meets DCI specifications for security, data rate, storage capacity, and redundancy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1669", "Certificate Number": "1669", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "01/19/201210/10/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1669.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1669", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1668", "Certificate Number": "1668", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Common Cryptographic Module (C3M)", "Module Type": "Software-Hybrid", "Validation Date": "01/19/201202/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1668.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1668", "detail_available": true, "module_name": "Cisco Common Cryptographic Module (C3M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Cisco Common Cryptographic Module (C3M) is a software-hybrid that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS validated cryptographic algorithms for services such as sRTP, SSH, TLS, 802.1x etc. The module does not implement any of the protocols directly. Instead, it provides the cryptographic primitives and functions to allow a developer to implement various protocols.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1667", "Certificate Number": "1667", "Vendor Name": "Qube Cinema, Inc.", "Module Name": "Secure Media Block", "Module Type": "Hardware", "Validation Date": "01/11/201206/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1667.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1667", "detail_available": true, "module_name": "Secure Media Block", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Qube Secure Media Block is used in Digital Cinema applications, providing core functionality required to playback Digital Cinema Packages. The module performs essence decryption when processing encrypted content, it ensures link encryption downstream to a projector device, and it provides other features as to enable a fully capable Digital Cinema Server. Content owners and other stake holders rely upon the security features provided by the Qube Secure Media Block to protect their valuable content, and to perform secure logging of operations within a theatre auditorium." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1666", "Certificate Number": "1666", "Vendor Name": "Motorola Mobility, Inc.", "Module Name": "Motorola Mobility Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "01/25/201203/07/201203/14/201205/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1666.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1666", "detail_available": true, "module_name": "Motorola Mobility Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Motorola Mobility Cryptographic Suite B Module is used in Motorola Business Ready Android devices to encrypt sensitive application data. For details on Motorola Business Ready, see www.motorola.com/Business-Ready/US-EN/Home." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1665", "Certificate Number": "1665", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 S", "Module Type": "Hardware", "Validation Date": "01/10/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1665.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1665", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1664", "Certificate Number": "1664", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Firmware", "Validation Date": "01/10/201203/30/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1664.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1664", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1663", "Certificate Number": "1663", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1663.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1663", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1662", "Certificate Number": "1662", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 4150F", "Module Type": "Hardware", "Validation Date": "12/29/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1662.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1662", "detail_available": true, "module_name": "McAfee Firewall Enterprise 4150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1661", "Certificate Number": "1661", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 2150F", "Module Type": "Hardware", "Validation Date": "12/29/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1661.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1661", "detail_available": true, "module_name": "McAfee Firewall Enterprise 2150F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1660", "Certificate Number": "1660", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100F", "Module Type": "Hardware", "Validation Date": "12/29/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1660.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1660", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1659", "Certificate Number": "1659", "Vendor Name": "A10 Networks, Inc.", "Module Name": "AX Series Advanced Traffic Manager AX2500, AX2600-GCF, AX3000-GCF, AX3000-11-GCF, AX5100, AX5200 and AX5200-11", "Module Type": "Hardware", "Validation Date": "12/29/201106/14/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1659.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1659", "detail_available": true, "module_name": "AX Series Advanced Traffic Manager AX2500, AX2600-GCF, AX3000-GCF, AX3000-11-GCF, AX5100, AX5200 and AX5200-11", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices. AX Series’ standard redundant components and high availability design ensure organizations non-stop service availability for all types of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1658", "Certificate Number": "1658", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung SSD PM810 SED FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "12/29/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1658.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1658", "detail_available": true, "module_name": "Samsung SSD PM810 SED FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SAMSUNG SSD PM810 SED FIPS 140 Module provides high-performance AES-256 cryptographic encryption and decryption of the data stored in NAND Flash via SATA interface. The PM810 encryption/decryption creates no degradation in performance compared to non-encrypted SSD. The PM810 supports both the ATA Security Feature Set and TCG Opal SSC. Security Functionalities include user authentication for access control via ISV TCG Opal support, user data encryption for data protection, and instantaneous sanitization of user drive data via cryptographic erase for repurposing or disposal." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1657", "Certificate Number": "1657", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3560-X and 3750-X Switches", "Module Type": "Hardware", "Validation Date": "12/22/201102/23/201205/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1657.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1657", "detail_available": true, "module_name": "Cisco Catalyst 3560-X and 3750-X Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Catalyst 3750-X and 3650-X Series Switches are enterprise-class stackable switches that provide high availability, scalability, security, energy efficiency, and ease of operation with innovative features such as Cisco StackPower, Power over Ethernet Plus (PoE+), optional network modules, redundant power supplies, and MAC security. The Catalyst 3750-X and 3650-X Series Switches meet FIPS 140-2 overall Level 2 requirements as multi-chip standalone modules. The switches include cryptographic algorithms implemented in IOS software as well as hardware ASICs. The module provides 802.1X-rev" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1656", "Certificate Number": "1656", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module for Luna® IS and RSS", "Module Type": "Hardware", "Validation Date": "12/22/201101/11/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1656.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1656", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module for Luna® IS and RSS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna® PCI for Luna® IS offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1655", "Certificate Number": "1655", "Vendor Name": "Concepteers, LLC", "Module Name": "Concepteers Teleconsole TCS6U4W", "Module Type": "Hardware", "Validation Date": "12/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1655.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1655", "detail_available": true, "module_name": "Concepteers Teleconsole TCS6U4W", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Teleconsole S6U4W is a small form factor network appliance providing Secure Remote Diagnostic Access (SRDA) to virtually any technology equipment (IT, Medical, Utilities (SCADA), Manufacturing, Retail (POS) and more). The unified, cross-platform solution is vendor independent and provides Authentication, Authorization, Access and Audit on a single platform to streamline access provisioning, security enforcement and user activity tracking for compliance.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1654", "Certificate Number": "1654", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade Mobility 7131N Dual-Radio 802.11n FIPS Access Point BR-AP7131N66040FGR and BR-AP7131N66040FWW", "Module Type": "Hardware", "Validation Date": "12/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1654.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1654", "detail_available": true, "module_name": "Brocade Mobility 7131N Dual-Radio 802.11n FIPS Access Point BR-AP7131N66040FGR and BR-AP7131N66040FWW", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Brocade Mobility 7131N Dual-radio 802.11n FIPS Access Point delivers the throughput, coverage and resiliency required to build an all-wireless enterprise. The design provides simultaneous support for high-speed wireless voice and data services, self-healing mesh networking and non-data applications such as Wireless IPS" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1653", "Certificate Number": "1653", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "Module Type": "Hardware", "Validation Date": "12/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1653.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1653", "detail_available": true, "module_name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050 and M-6050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1652", "Certificate Number": "1652", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 5 and SSG 20", "Module Type": "Hardware", "Validation Date": "12/15/201107/24/201212/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1652.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1652", "detail_available": true, "module_name": "SSG 5 and SSG 20", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks integrated security devices are purpose-built to perform essential networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks integrated security devices address the needs of small to medium sized locations, large distributed enterprises, and service providers as well as large and co-located datacenters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1651", "Certificate Number": "1651", "Vendor Name": "Nexgrid, LLC", "Module Name": "ecoNet smart grid gateways: ecoNet SL and ecoNet MSA", "Module Type": "Hardware", "Validation Date": "01/05/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1651.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1651", "detail_available": true, "module_name": "ecoNet smart grid gateways: ecoNet SL and ecoNet MSA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "ecoNet smart grid gateways provide the central link between intelligent endpoint devices and the Utility's backhaul or WAN enabling real time network control and monitoring." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1650", "Certificate Number": "1650", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Unified IP Phone 6921, 6941, 6945 and 6961", "Module Type": "Hardware", "Validation Date": "12/14/201102/23/201212/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1650.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1650", "detail_available": true, "module_name": "Cisco Unified IP Phone 6921, 6941, 6945 and 6961", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Unified IP Phones 6921, 6941, 6945, and 6961 deliver cost-effective, full-featured voice communication services in a clutter-free and earth-friendly, ergonomic design." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1649", "Certificate Number": "1649", "Vendor Name": "AirTight Networks, Inc.", "Module Name": "SpectraGuard® Enterprise Server", "Module Type": "Firmware", "Validation Date": "12/14/201101/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1649.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1649", "detail_available": true, "module_name": "SpectraGuard® Enterprise Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The implementation performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and denial of service attacks" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1648", "Certificate Number": "1648", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "12/14/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1648.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1648", "detail_available": true, "module_name": "Samsung Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and only on the specific platforms specified on the reverse", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1647", "Certificate Number": "1647", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Unified IP Phone 6901 and 6911", "Module Type": "Hardware", "Validation Date": "12/22/201102/23/201212/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1647.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1647", "detail_available": true, "module_name": "Cisco Unified IP Phone 6901 and 6911", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Unified IP Phones 6901 and 6911deliver cost-effective, full-featured voice communication services in a clutter-free and earth-friendly, ergonomic design." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1646", "Certificate Number": "1646", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 P", "Module Type": "Hardware", "Validation Date": "12/06/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1646.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1646", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1645", "Certificate Number": "1645", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Web Gateway WG5000 and WG5500 Appliances", "Module Type": "Hardware", "Validation Date": "12/15/201101/17/201208/24/201208/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1645.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1645", "detail_available": true, "module_name": "McAfee Web Gateway WG5000 and WG5500 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1 of the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The McAfee Web Gateway is a high-performance, enterprise-strength proxy security appliance family that provides the caching, authentication, administration, authorization controls and deep-level content security filtering required by today’s most demanding enterprises. McAfee Web Gateway WG5000 and WG5500 Appliances deliver scalable deployment flexibility and performance. McAfee Web Gateway WG5000 and WG5500 Appliances deliver comprehensive security for all aspects of Web 2.0 traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1644", "Certificate Number": "1644", "Vendor Name": "VMware, Inc.", "Module Name": "PCoIP Cryptographic Module for VMware View", "Module Type": "Software", "Validation Date": "12/06/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1644.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1644", "detail_available": true, "module_name": "PCoIP Cryptographic Module for VMware View", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PCoIP Cryptographic module for VMware View is a multi-chip standalone cryptographic module evaluated for use on a standard General Purpose Computer (GPC) platform. The overal security level is Level 2. The module consists of a single shared library which is used by both the PCoIP server and the PCoIP client applications.", "algorithms": [ "AES", "HMAC", "RSA", "SHA", "SHS", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1643", "Certificate Number": "1643", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Common Cryptographic Module (C3M)", "Module Type": "Software", "Validation Date": "11/29/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1643.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1643", "detail_available": true, "module_name": "Cisco Common Cryptographic Module (C3M)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco Common Cryptographic Module (C3M) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS validated cryptographic algorithms for services such as sRTP, SSH, TLS, 802.1x etc. The module does not implement any of the protocols directly. Instead, it provides the cryptographic primitives and functions to allow a developer to implement various protocols.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1642", "Certificate Number": "1642", "Vendor Name": "U.S. Department of State", "Module Name": "PKI BLADE Cosmo", "Module Type": "Hardware", "Validation Date": "11/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1642.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1642", "detail_available": true, "module_name": "PKI BLADE Cosmo", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 8.6", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The PKI/BLADE applet is based on ISO 7816 and GSC-IS commands interface. The applet is designed to be loaded on any Java card compliant with JavaCard v2.2.1 and Global Platform v2.1.1 specifications including PIV certified Java cards. It is designed to provide services for PKI based logical access applications and to provide strong two factor authentication using fingerprint biometrics." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1641", "Certificate Number": "1641", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "11/17/201105/29/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1641.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1641", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1640", "Certificate Number": "1640", "Vendor Name": "Watchdata Technologies Pte Ltd", "Module Name": "WatchKey USB Token", "Module Type": "Hardware", "Validation Date": "11/17/201110/11/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1640.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1640", "detail_available": true, "module_name": "WatchKey USB Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The WatchKey USB token provides digital signature generation and verification for online authentication of online transactions and data encryption/decryption to online service users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1639", "Certificate Number": "1639", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5940 Embedded Services Routers", "Module Type": "Hardware", "Validation Date": "11/16/201102/23/201207/18/201202/08/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1639.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1639", "detail_available": true, "module_name": "Cisco 5940 Embedded Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cisco 5940 is a high-performance, ruggedized router. With onboard hardware encryption, the Cisco 5940 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The Cisco 5940 Embedded Services Routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 1 requirements. The Cisco 5940 Router Card uses industrial-grade components and is optimized for harsh environments that require Cisco IOS Software routing technology.", "algorithms": [ "AES", "DES", "DRBG", "HMAC", "RSA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1638", "Certificate Number": "1638", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiKey - Flash and HiKey PKI Token", "Module Type": "Hardware", "Validation Date": "11/16/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1638.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1638", "detail_available": true, "module_name": "HiKey - Flash and HiKey PKI Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HiKey Flash and HiKey PKI Token modules are multi-chip standalone implementations of a cryptographic module. The Hikey - Flash and HiKey PKI Token modules are USB tokens that adhere to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HiKey - Flash and HiKey PKI Token cryptographic modules contain an implementation of the Global Platform (GP) Version 2.1.1 specification defining a secure infrastructure for post-issuance programmable smart cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1637", "Certificate Number": "1637", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Java Module", "Module Type": "Software", "Validation Date": "11/16/201108/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1637.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1637", "detail_available": true, "module_name": "Security Builder® FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1636", "Certificate Number": "1636", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure Constellation® ES [26-39] and Constellation®.2 [1-25] Self-Encrypting Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "11/10/201103/14/201206/21/201210/17/201212/12/201201/25/201302/20/201409/26/201410/23/201411/14/201605/09/201703/25/201907/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1636.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1636", "detail_available": true, "module_name": "Seagate Secure Constellation® ES [26-39] and Constellation®.2 [1-25] Self-Encrypting Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module is embodied in Seagate Constellation®.2 and Constellation® ES SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1635", "Certificate Number": "1635", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure Constellation® ES.2 [48-76], Savvio® 10K.5 [1-29] and Savvio® 15K.3 [30-47] Self-Encrypting Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "11/10/201111/17/201103/14/201206/21/201210/17/201212/12/201201/25/201310/18/201302/20/201406/05/201409/26/201410/23/201412/10/201504/04/201605/09/201703/25/201907/07/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1635.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1635", "detail_available": true, "module_name": "Seagate Secure Constellation® ES.2 [48-76], Savvio® 10K.5 [1-29] and Savvio® 15K.3 [30-47] Self-Encrypting Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module 2 is embodied in Seagate Constellation® ES.2, Savvio® 15K.3, and Savvio® 10K.5 SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download.", "algorithms": [ "AES", "DRBG", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1634", "Certificate Number": "1634", "Vendor Name": "Pierson Capital Technology LLC", "Module Name": "MIIKOO", "Module Type": "Hardware", "Validation Date": "11/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1634.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1634", "detail_available": true, "module_name": "MIIKOO", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MIIKOO combines fingerprint recognition and additional cryptography capabilities to generate Dynamic PINs. It is compatible with any type of bank cards by seamlessly providing the added biometrical triggering of dynamic PIN security over the existing financial transaction network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1633", "Certificate Number": "1633", "Vendor Name": "Doremi Labs", "Module Name": "Dolphin DCI 1.2", "Module Type": "Hardware", "Validation Date": "11/10/201106/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1633.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1633", "detail_available": true, "module_name": "Dolphin DCI 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Dolphin DCI 1.2 is a PCI-card that provides a standard definition/high definition serial digital interface. This is a Doremi decoder hardware card that contains a JPEG-2000 decoder hardware and BNC serial digital interface connectors used in Doremi Digital Cinema Servers like the DCP-2000. The Dolphin DCI 1.2 utilizes a dual-link encoded serial digital interface for output of DCI compliant resolutions up to 2040x1080p24 (2K-film). It can also operate single link for lower resolution material (i.e. trailers, advertisement, etc.)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1632", "Certificate Number": "1632", "Vendor Name": "Samsung Electronics Co., Ltd.", "Module Name": "Samsung Key Management Module", "Module Type": "Software", "Validation Date": "11/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1632.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1632", "detail_available": true, "module_name": "Samsung Key Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Provides general purpose key management services to user-space applications on the mobile platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1631", "Certificate Number": "1631", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "01/24/201205/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1631.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1631", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1630", "Certificate Number": "1630", "Vendor Name": "Advantor Systems, LLC", "Module Name": "Infraguard Processor Module", "Module Type": "Hardware", "Validation Date": "11/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1630.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1630", "detail_available": true, "module_name": "Infraguard Processor Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Infraguard Processor Module (IPM) is a multi-chip, embedded, plug-in encryption module coated with an opaque, tamper evident material. The IPM is used to provide secure LAN and telephone modem communications for Advantor Systems' physical security systems. The IPM is embedded in multiple products, including an alarm panel and an alarm panel receiving product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1629", "Certificate Number": "1629", "Vendor Name": "Protected Mobility LLC", "Module Name": "PMCryptolib", "Module Type": "Software", "Validation Date": "11/16/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1629.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1629", "detail_available": true, "module_name": "PMCryptolib", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "PMCryptolib is a dynamic linked library software module. The module provides cryptographic services through a Application Programming Interface (API)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1628", "Certificate Number": "1628", "Vendor Name": "NAL Research Corporation", "Module Name": "XM Crypto Module", "Module Type": "Firmware", "Validation Date": "11/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1628.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1628", "detail_available": true, "module_name": "XM Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "A3LA-XM is a modem comprised of the XM Crypto Module encryption board and a communication board. It is designed to transmit AES 256-bit encrypted data via a communication network. The A3LA-XM has an internal micro-controller programmed to monitor the modems connectivity status to prevent hardware lock-up. Similar to a standard landline modem, the A3LA-XM can be controlled by any DTE (data terminal equipment) capable of sending standard AT commands via an RS232 serial or a USB 2.0 port." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1627", "Certificate Number": "1627", "Vendor Name": "Communication Devices, Inc.", "Module Name": "Port Authority Series", "Module Type": "Hardware", "Validation Date": "11/01/201108/24/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1627.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1627", "detail_available": true, "module_name": "Port Authority Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The protocols SSH and SNMP shall not be used when operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Secure Out of Band Management appliance with network port, internal modem, and up to 9 serial ports. Allows Secure Out of Band Access to Firewalls, Routers, Network appliances etc.. Supports up to 256 bit AES CFB encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1626", "Certificate Number": "1626", "Vendor Name": "ViaSat UK Ltd.", "Module Name": "FlagStone Core", "Module Type": "Hardware", "Validation Date": "10/31/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1626.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1626", "detail_available": true, "module_name": "FlagStone Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FlagStone Core is a multi-chip embedded cryptographic module used within the Eclypt ranges of drives. The FlagStone Core, and subsequently the Eclypt ranges of drives utilising the FlagStone Core, provide access control and data encryption services to protect access to data stored on a connected HDD/SSD (Hard Disk Drive/Solid Data Drive). All accessible sectors on a drive connected to a FlagStone Core are encrypted. The Eclypt range of drives includes Eclypt, Eclypt Freedom and Eclypt Nano." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1625", "Certificate Number": "1625", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "11/30/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1625.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1625", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1624", "Certificate Number": "1624", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/24/201112/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1624.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1624", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1623", "Certificate Number": "1623", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/24/201112/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1623.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1623", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1622", "Certificate Number": "1622", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CEP10-R, CEP10 VSE and CEP10-C", "Module Type": "Hardware", "Validation Date": "10/24/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1622.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1622", "detail_available": true, "module_name": "CEP10-R, CEP10 VSE and CEP10-C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Certes Networks CEP encryptors are high performance, integrated encryption appliances that offers full line rate Ethernet Frame encryption for 10Mbps Ethernet transports. Housed in a tamper evident chassis, the Certes Networks CEP10-R and CEP10 VSE has two functional 10BaseT Ethernet ports used for traffic. Traffic on the CEP's local port is received from and transmitted to the trusted network in the clear, while traffic on the CEP's remote port has security processing applied to it. Security processing can be data confidentiality, data integrity and data authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1621", "Certificate Number": "1621", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 7606-S and 7609-S Routers with Supervisor SUP720-3B", "Module Type": "Hardware", "Validation Date": "10/28/201102/09/201202/23/201207/09/201208/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1621.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1621", "detail_available": true, "module_name": "Cisco 7606-S and 7609-S Routers with Supervisor SUP720-3B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 7606-S and 7609-S routers are designed for deployment at the network edge, where robust performance and IP/Multiprotocol Label Switching services are necessary to meet the requirements of both enterprises and service providers. It enables Carrier Ethernet service providers to deploy an advanced network infrastructure that supports a range of IP video and triple-play (voice, video, and data) system applications in both the residential and business services markets. They also deliver WAN and metropolitan-area network networking solutions at the enterprise edge.", "algorithms": [ "RSA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1620", "Certificate Number": "1620", "Vendor Name": "Klas Ltd", "Module Name": "KlasRouter", "Module Type": "Hardware", "Validation Date": "10/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1620.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1620", "detail_available": true, "module_name": "KlasRouter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "KlasRouter is a low-power router that provides Virtual Private Networking (including Suite-B algorithms), WAN Acceleration, VLAN and a host of other networking features in a compact package. KlasRouter is standards-based and hence is interoperable with any infastructure and the perfect solution for establishing a remote office in a secure environment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1619", "Certificate Number": "1619", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "FIPS Multi Service PIC", "Module Type": "Hardware", "Validation Date": "10/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1619.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1619", "detail_available": true, "module_name": "FIPS Multi Service PIC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FIPS Multiple Service PIC supports compressed real time protocol (CRTP), high-speed Network Address Translation (NAT), stateful firewall, tunnel services, IPSec encryption and J-Flow accounting today while having built-in headroom to support additional services in the future." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1618", "Certificate Number": "1618", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/18/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1618.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1618", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1617", "Certificate Number": "1617", "Vendor Name": "Dell, Inc.", "Module Name": "Dell PowerConnect J-Series J-SRX100, J-SRX210 and J-SRX240 Services Gateways", "Module Type": "Hardware", "Validation Date": "10/06/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1617.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1617", "detail_available": true, "module_name": "Dell PowerConnect J-Series J-SRX100, J-SRX210 and J-SRX240 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell Inc. J-SRX100, J-SRX210, and J-SRX240 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. Supports Firewall, Ipsec VPN and IPS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1616", "Certificate Number": "1616", "Vendor Name": "Concepteers, LLC", "Module Name": "Concepteers Teleconsole E", "Module Type": "Hardware", "Validation Date": "10/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1616.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1616", "detail_available": true, "module_name": "Concepteers Teleconsole E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Teleconsole E is an enterprise network appliance providing Secure Remote Diagnostic Access (SRDA) to virtually any technology equipment (IT, Medical, Utilities (SCADA), Manufacturing, Retail (POS) and more). The unified, cross-platform solution is vendor independent and provides Authentication, Authorization, Access and Audit on a single platform to streamline access provisioning, security enforcement and user activity tracking for compliance.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1615", "Certificate Number": "1615", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Java Cryptographic Module", "Module Type": "Software", "Validation Date": "09/30/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1615.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1615", "detail_available": true, "module_name": "Symantec Java Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This module contains the embedded module RSA BSAFE® Crypto-J JCE Provider Module validated to FIPS 140-2 under Cert. #1048 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Java Cryptographic Module provides a comprehensive set of cryptographic services for Symantec products including, but not limited to, the Symantec Data Loss Prevention Suite.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1614", "Certificate Number": "1614", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "09/30/201110/26/201111/08/201104/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1614.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1614", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Suite B Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1613", "Certificate Number": "1613", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways", "Module Type": "Hardware", "Validation Date": "10/06/201111/08/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1613.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1613", "detail_available": true, "module_name": "Juniper Networks SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. All SRX Series Services Gateways, including products scaled for the branch, campus and data center applications, are powered by Juniper Networks JUNOS the proven" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1612", "Certificate Number": "1612", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Loadable Kernel Module", "Module Type": "Software", "Validation Date": "09/29/201110/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1612.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1612", "detail_available": true, "module_name": "Mocana Cryptographic Loadable Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Loadable Kernel Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1611", "Certificate Number": "1611", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX3400 and SRX3600 Services Gateways", "Module Type": "Hardware", "Validation Date": "10/06/201111/08/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1611.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1611", "detail_available": true, "module_name": "Juniper Networks SRX3400 and SRX3600 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks SRX3000 Series line of services gateways is the next generation solution for securing the ever increasing network infrastructure and applications requirements for both enterprise and service provider environments. Designed from the ground up to provide flexible processing scalability, I/O scalability, and services integration, the SRX3000 Series line can meet the network and security requirements of data center hyper-consolidation, rapid managed services deployments, and aggregation of security solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1610", "Certificate Number": "1610", "Vendor Name": "EMC Corporation", "Module Name": "4 Gb/s FC I/O Module with Encryption", "Module Type": "Hardware", "Validation Date": "09/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1610.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1610", "detail_available": true, "module_name": "4 Gb/s FC I/O Module with Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Data at Rest Encryption provides hardware-based, back-end encryption for EMC storage systems. Back-end encryption protects information from unauthorized access when drives are physically removed from the system. It also offers a convenient means of decommissioning all drives in the system at once. EMC 4Gb/s Fibre Channel I/O modules implement AES-XTS 256-bit encryption on all drives in the system. These modules encrypt/decrypt data as it is written to and read from a drive. The drives need not be self-encrypting because the I/O module encrypts. All back end drive types are thus supported." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1609", "Certificate Number": "1609", "Vendor Name": "AirTight Networks, Inc.", "Module Name": "SpectraGuard® Enterprise Sensor", "Module Type": "Hardware", "Validation Date": "09/26/201109/16/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1609.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1609", "detail_available": true, "module_name": "SpectraGuard® Enterprise Sensor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals installed over the ventilation openings as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The module performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and denial of service attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1608", "Certificate Number": "1608", "Vendor Name": "Hewlett-Packard Company", "Module Name": "NonStop Volume Level Encryption (NSVLE)", "Module Type": "Software", "Validation Date": "09/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1608.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1608", "detail_available": true, "module_name": "NonStop Volume Level Encryption (NSVLE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1607", "Certificate Number": "1607", "Vendor Name": "Verdasys, Inc.", "Module Name": "Verdasys Secure Cryptographic Module", "Module Type": "Software", "Validation Date": "09/26/201108/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1607.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1607", "detail_available": true, "module_name": "Verdasys Secure Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Verdasys FIPS Kernel Mode Cryptographic Module, VSEC.SYS, is a software module that provides cryptographic services for Digital Guardian's server and endpoint products. The Verdasys FIPS Kernel Mode Cryptographic Module is leveraged in a variety of functions including securing communication, protecting agent components, and file encryption.", "algorithms": [ "AES", "DRBG", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1606", "Certificate Number": "1606", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Mesh Points", "Module Type": "Hardware", "Validation Date": "09/26/201105/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1606.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1606", "detail_available": true, "module_name": "Fortress Mesh Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and glue installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1605", "Certificate Number": "1605", "Vendor Name": "Certes Networks, Inc.", "Module Name": "CEP100, CEP100 VSE, CEP100-XSA, CEP1000, CEP1000-DP and CEP1000 VSE", "Module Type": "Hardware", "Validation Date": "09/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1605.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1605", "detail_available": true, "module_name": "CEP100, CEP100 VSE, CEP100-XSA, CEP1000, CEP1000-DP and CEP1000 VSE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Certes Networks CEP encryptors are high performance, integrated encryption appliances that offers full line rate Ethernet Frame encryption for 10Mbps Ethernet transports. Housed in a tamper evident chassis, the Certes Networks CEP has two functional 10BaseT Ethernet ports used for traffic. Traffic on the CEP local port is received from and transmitted to the trusted network in the clear, while traffic on the CEP's remote port has security processing applied to it. Security processing can be data confidentiality, data integrity and data authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1604", "Certificate Number": "1604", "Vendor Name": "Centrify Corporation", "Module Name": "Centrify Cryptographic Module", "Module Type": "Software", "Validation Date": "09/20/201112/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1604.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1604", "detail_available": true, "module_name": "Centrify Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Centrify Cryptographic Module is a general purpose cryptographic library. The Centrify Cryptographic Module provides the cryptographic services for all Centrify products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1603", "Certificate Number": "1603", "Vendor Name": "Ciena® Corporation", "Module Name": "Optical Metro 5130", "Module Type": "Hardware", "Validation Date": "09/20/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1603.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1603", "detail_available": true, "module_name": "Optical Metro 5130", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The OM 5130 cost effectively simplifies and secures data file mobility between data centers. The OM 5130 increases WAN efficiency, natively consolidates data and storage networks onto a common encrypted WAN link and delivers definable time-of-day bandwidth management that allocates bandwidth to the required application at the required time of day." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1602", "Certificate Number": "1602", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX5600 and SRX5800 Services Gateways", "Module Type": "Hardware", "Validation Date": "09/20/201111/08/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1602.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1602", "detail_available": true, "module_name": "Juniper Networks SRX5600 and SRX5800 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks SRX5000 line of services gateways is the next generation solution for securing the ever increasing network infrastructure and applications requirements for both enterprise and service provider environments. Designed from the ground up to provide flexible processing scalability, I/O scalability, and services integration, the SRX5000 line can meet the network and security requirements of data center hyper-consolidation, rapid managed services deployments, and aggregation of security solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1601", "Certificate Number": "1601", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for PCs", "Module Type": "Software", "Validation Date": "09/08/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1601.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1601", "detail_available": true, "module_name": "McAfee Endpoint Encryption for PCs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for PCs is a Software Only Module which resides on general purpose computer systems. The module is used for whole disk encryption that enables users to secure sensitive data stored on hard disk drives in the event of a lost or stolen workstation or laptop computer. McAfee Endpoint Encryption for PCs is an enterprise class software product that is centrally managed and can be deployed to large heterogeneous enterprise environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1600", "Certificate Number": "1600", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 12 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "09/08/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1600.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1600", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 12 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1599", "Certificate Number": "1599", "Vendor Name": "STMicroelectronics, Inc.", "Module Name": "HardCache™-SL3/PC v2.1", "Module Type": "Hardware", "Validation Date": "09/20/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1599.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1599", "detail_available": true, "module_name": "HardCache™-SL3/PC v2.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The STMicroelectronics HardCache™-SL3/PC v2.1 Cryptographic Module (HW rev STM7007) is a single chip cryptographic module designed as a hardware accelerated encryption engine for computer and peripheral applications. The cryptographic module is targeted for PC applications including desktop client, laptop, and server systems. Benefits compared to competing hardware and software solutions include better overall system performance, low power, and tamper resistant hardware security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1598", "Certificate Number": "1598", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Cross-Platform Cryptographic Module", "Module Type": "Software", "Validation Date": "09/02/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1598.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1598", "detail_available": true, "module_name": "Symantec Cross-Platform Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Cross-Platform Cryptographic Module (SymCPM) is a software module with a multi-chip standalone embodiment. The overall security level of the module is 1. SymCPM is implemented in the C programming language and consists of three components. It is designed to execute on a host system with a General Purpose Computer (GPC) hardware platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1597", "Certificate Number": "1597", "Vendor Name": "Bomgar Corporation", "Module Name": "B200™ and B300™ Remote Support Appliances", "Module Type": "Hardware", "Validation Date": "08/31/201110/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1597.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1597", "detail_available": true, "module_name": "B200™ and B300™ Remote Support Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals applied as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Bomgar Remote Support Appliances provide technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows collaborative remote support to various operating systems, including desktops, servers, mobile and network devices. In addition, Bomgar provides extensive auditing and recording of support sessions.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1596", "Certificate Number": "1596", "Vendor Name": "Bomgar Corporation", "Module Name": "B400™ Remote Support Appliance", "Module Type": "Hardware", "Validation Date": "08/31/201110/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1596.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1596", "detail_available": true, "module_name": "B400™ Remote Support Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals applied as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Bomgar Remote Support Appliances provide technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows collaborative remote support to various operating systems, including desktops, servers, mobile and network devices. In addition, Bomgar provides extensive auditing and recording of support sessions.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1595", "Certificate Number": "1595", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Enterprise Vault Cryptographic Module", "Module Type": "Software", "Validation Date": "08/31/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1595.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1595", "detail_available": true, "module_name": "Symantec Enterprise Vault Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1012 operating in FIPS mode or Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Symantec Enterprise Vault Cryptographic Module is a multi-chip standalone physical embodiment. The module consists of a DLL which interfaces with the Microsoft Cryptographic API to provide the required cryptographic functionality. The Enterprise Vault Cryptographic Module may be used for encryption/decryption of Enterprise Vault passwords, hashing of indexes, and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1594", "Certificate Number": "1594", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Ethernet Encryptor, Branch Office", "Module Type": "Hardware", "Validation Date": "09/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1594.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1594", "detail_available": true, "module_name": "SafeNet Ethernet Encryptor, Branch Office", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. Refer to the cryptographic module's security policy for the details on the letter v designations.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Ethernet Encryptor Branch Office provides data privacy and access control for connections between vulnerable public and private networks. It employs a FIPS-approved AES algorithm and can be deployed in 10 Megabit Ethernet networks. The encryptor can be centrally controlled or managed across multiple remote stations using SafeNet's Security Management Center (SMC), a SNMPv3-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1593", "Certificate Number": "1593", "Vendor Name": "Mxtran Inc.", "Module Name": "Mxtran Payeeton Solution", "Module Type": "Hardware", "Validation Date": "08/22/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1593.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1593", "detail_available": true, "module_name": "Mxtran Payeeton Solution", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Mxtran Payeeton Solution (MPS, hereafter referred to as the module) of Mxtran Inc. acts as a flexible platform for diversified mobile commerce services, allowing Mxtran clients to support both proximity payment and mobile payment via SMS for prepaid, online paid and post-paid services including e-ticketing, e-coupons, access control, membership management and more. Mxtran leverages extensive integrated circuit expertise to deliver highly customizable, portable applications and payment services in a single handset." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1591", "Certificate Number": "1591", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1591.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1591", "detail_available": true, "module_name": "Symantec Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Cryptographic Module is a software module with a multi-chip standalone embodiment. The overall security level of the module is 1. SymCrypt is implemented in the C programming language and consists of a shared library that is linked with SSIM application components. It is designed to execute on a host system with a General Purpose Computer (GPC) hardware platform.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "KDF", "RSA", "SHA", "SHS", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1590", "Certificate Number": "1590", "Vendor Name": "BAE Systems", "Module Name": "STOP OS 7 Kernel Cryptographic Module", "Module Type": "Software", "Validation Date": "08/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1590.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1590", "detail_available": true, "module_name": "STOP OS 7 Kernel Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STOP 7 Kernel Cryptographic Module is a library that is distributed as part of the monolithic kernel. The module provides the general purpose cryptographic functionality used by the kernel and kernel modules." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1589", "Certificate Number": "1589", "Vendor Name": "ZTE Corporation", "Module Name": "UEP Cryptographic Module", "Module Type": "Software", "Validation Date": "08/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1589.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1589", "detail_available": true, "module_name": "UEP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "UEP cryptographic mpdule provides general purpose cryptographic services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1588", "Certificate Number": "1588", "Vendor Name": "McAfee, Inc.", "Module Name": "Agent Cryptographic Module", "Module Type": "Software", "Validation Date": "08/05/201104/26/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1588.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1588", "detail_available": true, "module_name": "Agent Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module RSA BSAFE Crypto-C Micro Edition validated to FIPS 140-2 under Cert. #828 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Agent Cryptographic Module provides cryptographic operations for McAfee Agent, a software agent used in conjunction with McAfee ePolicy Orchestrator (ePO) to manage and monitor numerous end-point security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1587", "Certificate Number": "1587", "Vendor Name": "McAfee, Inc.", "Module Name": "ePO Cryptographic Module", "Module Type": "Software", "Validation Date": "08/05/201111/17/201104/02/201208/16/201201/04/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1587.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1587", "detail_available": true, "module_name": "ePO Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with module RSA BSAFE® Crypto-J validated to FIPS 140-2 under Cert. #1047 operating in FIPS mode and with module RSA BSAFE® Crypto-C Micro Edition validated to FIPS 140-2 under Cert. #1092 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee ePO Cryptographic Module provides cryptographic operations for McAfee ePolicy Orchestrator (ePO), a security management software that allows enterprises to unify the management of numerous end-point, network, and data security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1586", "Certificate Number": "1586", "Vendor Name": "ZTE Corporation", "Module Name": "Unified Platform Cryptographic Library", "Module Type": "Software", "Validation Date": "08/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1586.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1586", "detail_available": true, "module_name": "Unified Platform Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Unified Platform Cryptographic Library provides general purpose cryptographic services intended to protect data in transit and at rest." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1585", "Certificate Number": "1585", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-80C [1], FortiGate-110C [2] and FortiGate-111C [3]", "Module Type": "Hardware", "Validation Date": "07/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1585.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1585", "detail_available": true, "module_name": "FortiGate-80C [1], FortiGate-110C [2] and FortiGate-111C [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1584", "Certificate Number": "1584", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1240B [1], FortiGate-3016B [2], FortiGate-3600A [3] and FortiGate-3810A-E4 [4]", "Module Type": "Hardware", "Validation Date": "07/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1584.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1584", "detail_available": true, "module_name": "FortiGate-1240B [1], FortiGate-3016B [2], FortiGate-3600A [3] and FortiGate-3810A-E4 [4]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1583", "Certificate Number": "1583", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200B [1], FortiGate-300A [2], FortiGate-300A-HD [3], FortiGate-310B [4], FortiGate-311B [5], FortiGate-620B [6] and FortiGate-800 [7]", "Module Type": "Hardware", "Validation Date": "07/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1583.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1583", "detail_available": true, "module_name": "FortiGate-200B [1], FortiGate-300A [2], FortiGate-300A-HD [3], FortiGate-310B [4], FortiGate-311B [5], FortiGate-620B [6] and FortiGate-800 [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1582", "Certificate Number": "1582", "Vendor Name": "Motorola, Inc.", "Module Name": "IPCryptR2", "Module Type": "Hardware", "Validation Date": "07/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1582.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1582", "detail_available": true, "module_name": "IPCryptR2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IPCryptR2 provides secure key management and data encryption in Astro, Dimetra and Broadband Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1581", "Certificate Number": "1581", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point IP Appliance", "Module Type": "Hardware", "Validation Date": "10/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1581.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1581", "detail_available": true, "module_name": "Check Point IP Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Check Point IP Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1580", "Certificate Number": "1580", "Vendor Name": "Hewlett-Packard TippingPoint", "Module Name": "HP TippingPoint Security Management System", "Module Type": "Firmware", "Validation Date": "08/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1580.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1580", "detail_available": true, "module_name": "HP TippingPoint Security Management System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The HP Security Management System Appliance Series delivers enterprise-class security management capabilities that are simple to use and extremely powerful. The Security Management System Appliance is a hardened appliance that provides both global vision and security policy control for large-scale deployments of all HP products, including HP Intrusion Prevention Systems (IPS), Core Controllers, and SSL Appliances. The appliance is responsible for discovering, monitoring, configuring, diagnosing, remediating, and reporting for global IPS deployments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1579", "Certificate Number": "1579", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Module", "Module Type": "Software", "Validation Date": "07/21/201106/05/201208/16/201203/13/201501/26/201607/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1579.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1579", "detail_available": true, "module_name": "Security Builder FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1578", "Certificate Number": "1578", "Vendor Name": "BlackBerry", "Module Name": "BlackBerry OS Cryptographic Library", "Module Type": "Software", "Validation Date": "07/21/201106/05/201208/16/201201/24/201302/22/201304/11/201401/24/201606/21/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1578.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1578", "detail_available": true, "module_name": "BlackBerry OS Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BlackBerry OS Cryptographic Library is a software module that provides the cryptographic functionality required for secure operation of the BlackBerry® PlayBook™ and devices running the BlackBerry® 10 OS ." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1577", "Certificate Number": "1577", "Vendor Name": "Futurex", "Module Name": "EXP9000 Hardware Security Module", "Module Type": "Hardware", "Validation Date": "08/05/201102/01/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1577.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1577", "detail_available": true, "module_name": "EXP9000 Hardware Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The EXP9000 cryptographic module provides secure encryption, storage, and transmission of sensitive data used in a wide variety of applications including Futurex Hardware Security Modules (HSM) and Key Management Servers (KMS)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1576", "Certificate Number": "1576", "Vendor Name": "Teledyne Webb Research", "Module Name": "MiniCrypt", "Module Type": "Software", "Validation Date": "07/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1576.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1576", "detail_available": true, "module_name": "MiniCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "MiniCrypt is a small, low resource utilization, software library for use in embedded systems, providing encryption, decrypting, hashing and message authentication functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1575", "Certificate Number": "1575", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Smartcard Reader", "Module Type": "Hardware", "Validation Date": "07/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1575.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1575", "detail_available": true, "module_name": "BlackBerry Smartcard Reader", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BlackBerry Smart Card Reader for BlackBerry devices is an accessory that, when used in proximity to certain Bluetooth® enabled BlackBerry devices and computers, integrates smart card use with the BlackBerry Enterprise Solution, letting users authenticate with their smart cards to log in to Bluetooth enabled BlackBerry devices and computers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1574", "Certificate Number": "1574", "Vendor Name": "McAfee, Inc.", "Module Name": "Endpoint Encryption Manager", "Module Type": "Software", "Validation Date": "07/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1574.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1574", "detail_available": true, "module_name": "Endpoint Encryption Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption Manager (EEMgr) is the central management console for McAfee Endpoint Encryption for PC clients and users. The EEMgr allows authorized administrators to manage system users and computers, configure and apply security policies, recover user credentials, and create custom login tokens to be used with smart cards and PKI systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1573", "Certificate Number": "1573", "Vendor Name": "U.S. Department of State", "Module Name": "PKI BLADE Applet and Protiva PIV DL Card", "Module Type": "Hardware", "Validation Date": "07/15/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1573.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1573", "detail_available": true, "module_name": "PKI BLADE Applet and Protiva PIV DL Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 12", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The PKI/BLADE applet is based on ISO 7816 and GSC-IS commands interface. The applet is designed to be loaded on any Java card compliant with JavaCard v2.2.1 and Global Platform v2.1.1 specifications including PIV certified Java cards. It is designed to provide services for PKI based logical access applications and to provide strong two factor authentication using passwords and fingerprints biometrics." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1572", "Certificate Number": "1572", "Vendor Name": "Harris Corporation", "Module Name": "Harris AES Software Load Module", "Module Type": "Software", "Validation Date": "07/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1572.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1572", "detail_available": true, "module_name": "Harris AES Software Load Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Harris AES Software Load Module is a single software component which provides cryptographic services directly to a Digital Signal Processor (DSP) application on Harris terminals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1571", "Certificate Number": "1571", "Vendor Name": "Thales - nCipher", "Module Name": "nShield Connect 6000 [1], nShield Connect 1500 [2] and nShield Connect 500 [3]", "Module Type": "Hardware", "Validation Date": "07/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1571.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1571", "detail_available": true, "module_name": "nShield Connect 6000 [1], nShield Connect 1500 [2] and nShield Connect 500 [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode with nShield PCIe validated to FIPS 140-2 under Cert. #1063", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Thales nShield Connect is a network-attached hardware security module for business continuity of always-on, mission-critical systems in shared infrastructures, providing high availability, scalability and remote management for cryptographic infrastructures. Part of the nCipher product line, nShield Connect is the world's first HSM with redundant, hot-swappable power supplies, and enables organizations to build reliable, large-scale cryptographic services for their infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1570", "Certificate Number": "1570", "Vendor Name": "SanDisk Corporation", "Module Name": "Cruzer Enterprise FIPS Edition", "Module Type": "Hardware", "Validation Date": "08/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1570.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1570", "detail_available": true, "module_name": "Cruzer Enterprise FIPS Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SanDisk Cruzer Enterprise FIPS Edition secure USB flash drive offers on-the-fly hardware encryption for enterprises and government agencies that helps IT professionals within those organizations to effectively protect information on company-issued USB flash drives. It is specially designed to meet the unique USB security, compliance, and manageability needs of large organizations. With FIPS 140-2 level 2 certification inside, the Cruzer Enterprise FIPS Edition caters to the ultra-sensitive security requirements of government agencies and enterprises." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1569", "Certificate Number": "1569", "Vendor Name": "Doremi Labs", "Module Name": "IMB", "Module Type": "Hardware", "Validation Date": "07/11/201108/16/201206/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1569.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1569", "detail_available": true, "module_name": "IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IMB (Integrated Media Block) is a card that utilizes Doremi’s patented 4K media block technology. The IMB can be installed in a DLP Series-II 4K-ready projector along with Doremi’s external ShowVault™, allowing to perform 4K content playback. The customer can still choose to project in 2K using the IMB." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1568", "Certificate Number": "1568", "Vendor Name": "McAfee, Inc.", "Module Name": "Endpoint Encryption Manager", "Module Type": "Software", "Validation Date": "06/30/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1568.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1568", "detail_available": true, "module_name": "Endpoint Encryption Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption Manager (EEMgr) is the central management console for McAfee Endpoint Encryption for PC clients and users. The EEMgr allows authorized administrators to manage system users and computers, configure and apply security policies, recover user credentials, and create custom login tokens to be used with smart cards and PKI systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1567", "Certificate Number": "1567", "Vendor Name": "Lumension Security, Inc.", "Module Name": "Lumension Cryptographic Kernel", "Module Type": "Software", "Validation Date": "06/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1567.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1567", "detail_available": true, "module_name": "Lumension Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Lumension Cryptographic Kernel (LCK) v1.0 provides the cryptographic functions for certain Lumension products, including Application and Device Control. These products secure endpoints from malware and unauthorized software execution, and from malicious or accidental data loss through the use of removable devices and media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1566", "Certificate Number": "1566", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® CNG Cryptographic Primitives Library", "Module Type": "Software", "Validation Date": "06/27/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1566.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1566", "detail_available": true, "module_name": "RSA BSAFE® CNG Cryptographic Primitives Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® CNG Cryptographic Primitives Library is a drop-in replacement for the Microsoft user-mode CNG (Cryptograpy, Next Generation) provider. It supports a wide range of industry standard encryption algorithms. Software applications written against the Microsoft CNG framework, that do not explicitly request a specific provider, will automatically use the BSAFE CNG cryptographic implementations without modification once the BSAFE CNG Primitive Provider is installed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1565", "Certificate Number": "1565", "Vendor Name": "Xceedium, Inc.", "Module Name": "Xceedium Xsuite", "Module Type": "Hardware", "Validation Date": "06/23/201112/03/201210/23/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1565.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1565", "detail_available": true, "module_name": "Xceedium Xsuite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Xceedium's GateKeeper is a hardened appliance that functions as a secure centralized management platform that enables IT operations to remotely manage data centers as one integrated system. A standardized security model can be developed to mitigate the risks of \"untrusted\" users; provide centralized access and policy, compartmentalize down to the port, define good and bad behavior, alert and restrict access to applications or commands. GateKeeper provides touch free support and includes all access methods and tools for in-band, out-of-band and power control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1564", "Certificate Number": "1564", "Vendor Name": "Schweitzer Engineering Laboratories, Inc.", "Module Name": "SEL-3044", "Module Type": "Hardware", "Validation Date": "06/23/201102/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1564.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1564", "detail_available": true, "module_name": "SEL-3044", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SEL-3044 SEL Encryption Card provides strong cryptographic security to a variety of communications networks. It protects point-to-point, multi-drop, and many-to-many networks. The SEL-3044 secures all byte oriented serial protocols including popular SCADA or PCS protocols like DNP and MODBUS common to PLC, IED, and RTU products. It quickly integrates into serial communication networks including modem and data radio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1563", "Certificate Number": "1563", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-030-2 Security Server Cryptographic Core", "Module Type": "Software", "Validation Date": "06/20/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1563.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1563", "detail_available": true, "module_name": "3e-030-2 Security Server Cryptographic Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The 3e-030-2 Security Server Cryptographic Core (Version 4.0) provides FIPS 140-2 validated cryptographic functionality for the 3eTI Security Server product, a RADIUS based Authentication Server, capable of EAP-TLS authentication of wireless client, support of JITC DoD-signed certificates for PKI usage, and full 802.11i support. The 3e-030-2 provides the following FIPS-approved cryptographic algorithms: AES, SHA-1, SHA-2, HMAC, RSA DSA ECDSA sign/verify, FIPS 186-2 PRNG. The 3e-030-2 also supports the following non-FIPS cryptographic algorithms: Diffie Hellman, ECDH and MD5" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1562", "Certificate Number": "1562", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet [1] and 10 Gig Ethernet [2]", "Module Type": "Hardware", "Validation Date": "06/20/201102/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1562.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1562", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet [1] and 10 Gig Ethernet [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Multi-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® Gig Ethernet and 10 Gig Ethernet are rack-mountable multi-chip standalone cryptographic modules designed to secure data transmissions across public Ethernet Layer 2 networks. The Gig Ethernet uses an SFP transceiver and the 10 Gig Ethernet uses a higher-speed XFP transceiver. The Datacryptor® employs an automatic key generation and exchange mechanism using X.509 v3 certificates and the Diffie-Hellman key agreement scheme. The algorithm used for securing data transmission is AES-256 GCM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1561", "Certificate Number": "1561", "Vendor Name": "Oracle Corporation", "Module Name": "StorageTek™ T10000C Tape Drive", "Module Type": "Hardware", "Validation Date": "06/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1561.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1561", "detail_available": true, "module_name": "StorageTek™ T10000C Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The StorageTek™ T10000C Tape Drive provides 5 TB native capacity and 240 MB/sec throughput using BaFe media and with backward read compatibility to the T10000A/B. Designed for maximum security and performance, the T10000C provides AES-256 encryption to protect and authenticate customer data and to provide secure, authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Oracle OKM to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1560", "Certificate Number": "1560", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3925E and Cisco 3945E Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "06/14/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1560.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1560", "detail_available": true, "module_name": "Cisco 3925E and Cisco 3945E Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3925E and 3945E Integrated Services Routers are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The new platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1559", "Certificate Number": "1559", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "06/14/201109/19/201101/25/201602/09/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1559.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1559", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Atalla Cryptographic Subsystem (ACS) is a multi-chip embedded cryptographic module that provides secure cryptographic processing. The ACS features secure key management and storage capabilities, and also provides high performance AES processing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1558", "Certificate Number": "1558", "Vendor Name": "Sony Corporation", "Module Name": "Gemini", "Module Type": "Hardware", "Validation Date": "06/14/201107/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1558.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1558", "detail_available": true, "module_name": "Gemini", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The primary purpose of the Gemini is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1557", "Certificate Number": "1557", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 2150E", "Module Type": "Hardware", "Validation Date": "06/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1557.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1557", "detail_available": true, "module_name": "McAfee Firewall Enterprise 2150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1556", "Certificate Number": "1556", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 1100E", "Module Type": "Hardware", "Validation Date": "06/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1556.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1556", "detail_available": true, "module_name": "McAfee Firewall Enterprise 1100E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1555", "Certificate Number": "1555", "Vendor Name": "BlockMaster AB", "Module Name": "BM-C1000", "Module Type": "Hardware", "Validation Date": "06/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1555.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1555", "detail_available": true, "module_name": "BM-C1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The BlockMaster microcontroller BM9931 powers FIPS secure USB flash drives. All data stored is encrypted transparently on the fly within the hardware in accordance with the specification of the Federal Information Processing Standard (FIPS 140-2)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1554", "Certificate Number": "1554", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Firewall Enterprise 4150E", "Module Type": "Hardware", "Validation Date": "06/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1554.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1554", "detail_available": true, "module_name": "McAfee Firewall Enterprise 4150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1553", "Certificate Number": "1553", "Vendor Name": "Comtech EF Data Corporation", "Module Name": "SLM-5650A TRANSEC Module", "Module Type": "Hardware", "Validation Date": "06/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1553.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1553", "detail_available": true, "module_name": "SLM-5650A TRANSEC Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SLM-5650 satellite modem includes a single FIPS card called the SLM-5650A TRANSEC Module that will perform bulk encryption of all packets for transmission over the satellite regardless of the protocol, the format of data, or existing encryption on the incoming data. The SLM-5650A TRANSEC Module uses 256-bit AES in CBC mode for bulk encryption of all data requiring encryption. The module is managed using a proprietary graphical user interface (GUI) over TLS, referred to as the Management & Control Console, and a command line management interface over SSH.", "algorithms": [ "AES", "DES", "ECDSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1552", "Certificate Number": "1552", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point IP Appliance", "Module Type": "Hardware", "Validation Date": "06/07/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1552.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1552", "detail_available": true, "module_name": "Check Point IP Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Nokia VPN Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1551", "Certificate Number": "1551", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point IP Appliance", "Module Type": "Hardware", "Validation Date": "07/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1551.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1551", "detail_available": true, "module_name": "Check Point IP Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Nokia VPN Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1550", "Certificate Number": "1550", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Internal Express (PSI-e)", "Module Type": "Hardware", "Validation Date": "06/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1550.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1550", "detail_available": true, "module_name": "ProtectServer Internal Express (PSI-e)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet PSI-e is a high-end intelligent PCI adapter card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-e also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1549", "Certificate Number": "1549", "Vendor Name": "Sophos Ltd.", "Module Name": "SafeGuard Cryptographic Engine", "Module Type": "Software", "Validation Date": "05/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1549.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1549", "detail_available": true, "module_name": "SafeGuard Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeGuard Cryptographic Engine is the core cryptographic component of Sophos' encryption products SafeGuard Enterprise, SafeGuard PrivateDisk, SafeGuard LAN Crypt and SafeGuard PrivateCrypto. It provides a solid implementation of standard algorithms used for disk and file encryption, key generation, key management, and integrity protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1548", "Certificate Number": "1548", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Network Router (MNR) S2500", "Module Type": "Hardware", "Validation Date": "05/23/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1548.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1548", "detail_available": true, "module_name": "Motorola Network Router (MNR) S2500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MNR S2500 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S2500 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S2500 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1547", "Certificate Number": "1547", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Network Router (MNR) S6000", "Module Type": "Hardware", "Validation Date": "05/23/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1547.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1547", "detail_available": true, "module_name": "Motorola Network Router (MNR) S6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MNR S6000 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S6000 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S6000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1546", "Certificate Number": "1546", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola GGM 8000 Gateway", "Module Type": "Hardware", "Validation Date": "06/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1546.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1546", "detail_available": true, "module_name": "Motorola GGM 8000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "GGM 8000 devices are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, GGM 8000 perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal packet forwarding functions, the GGM 8000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1545", "Certificate Number": "1545", "Vendor Name": "Hewlett-Packard TippingPoint", "Module Name": "HP TippingPoint Intrusion Prevention System", "Module Type": "Hardware", "Validation Date": "05/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1545.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1545", "detail_available": true, "module_name": "HP TippingPoint Intrusion Prevention System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1544", "Certificate Number": "1544", "Vendor Name": "LaserCard Corporation", "Module Name": "LaserCard LCCIDProtect", "Module Type": "Hardware", "Validation Date": "05/10/201107/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1544.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1544", "detail_available": true, "module_name": "LaserCard LCCIDProtect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "FIPS Approved algorithms (relies on loaded applications): AES (Cert. #1412); RSA (Cert. #688); SHS (Cert. #1282) LaserCard LCCIDProtect is a cryptographic module based on the Athena OS755 Java Card smart card operating system with 72Kbyte of EEPROM. LCCIDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications. LCCIDProtect exposes PKI and biometric APIs and is designed for high performance government and enterprise smart card applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1543", "Certificate Number": "1543", "Vendor Name": "CareFusion", "Module Name": "Alaris™ PC Unit Model 8015", "Module Type": "Hardware", "Validation Date": "05/27/201101/11/201209/27/201206/05/201402/13/201507/23/201508/07/201506/07/201607/10/201710/26/201703/26/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1543.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1543", "detail_available": true, "module_name": "Alaris™ PC Unit Model 8015", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CareFusion Alaris™ PC Unit Model 8015 is a point-of-care unit, which is the main component of the Alaris System. The Alaris System is a modular system intended for adult, pediatric, and neonatal care in a professional healthcare environment. The Alaris System brings a higher level of medication error prevention to the point of patient care." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1542", "Certificate Number": "1542", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1542.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1542", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1541", "Certificate Number": "1541", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-523-3 Secure Multi-function Wireless Data Point", "Module Type": "Hardware", "Validation Date": "04/29/201108/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1541.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1541", "detail_available": true, "module_name": "3e-523-3 Secure Multi-function Wireless Data Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The 3e-523-3 operates as either a gateway connecting a local area network to wide area network (WAN), an access point within a wireless local area network (WLAN), a client within a WLAN, or a wireless bridging device. 3eTI software provides the following major services in FIPS mode: Wireless 802.11a/b/g Access Point functionality; Wireless 802.11a/b/g Client functionality; Wireless 802.11a/b/g Bridge functionality; Wireless 802.11a/b/g Mesh functionality (auto-forming, self-healing wireless capability); IEEE 802.11i." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1540", "Certificate Number": "1540", "Vendor Name": "XYPRO® Technology Corporation", "Module Name": "XYGATE /ESDK", "Module Type": "Software", "Validation Date": "04/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1540.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1540", "detail_available": true, "module_name": "XYGATE /ESDK", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The XYGATE Encryption Software Development Kit [XESDK] is a dynamically linked software library that supplies: symmetric key encryption including the approved AES and TripleDES; hashing algorithms including the approved SHA-1 and SHA-256; public key encryption including RSA; signature algorithms including the approved RSA and DSA; secure session protocols such as SSH, SSL and TLS and e-mail protocols such as PGP and S/MIME. Based on cryptlib by Peter Gutmann, the XESDK, written in C, provides encryption services for applications, communications and databases across multiple computer platforms.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1539", "Certificate Number": "1539", "Vendor Name": "Xirrus, Inc.", "Module Name": "Xirrus Wi-Fi Array XN4, XN8, XN12 and XN16", "Module Type": "Hardware", "Validation Date": "05/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1539.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1539", "detail_available": true, "module_name": "Xirrus Wi-Fi Array XN4, XN8, XN12 and XN16", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals and security straps installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Xirrus Wi-Fi Array consists of 4, 8, 12, or 16 802.11abgn access points coupled to a directional antenna system, and integrated together with a multi-gigabit switch, controller, firewall, threat sensor, and spectrum analyzer into a single, easy-to-install device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1538", "Certificate Number": "1538", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 100M Ethernet", "Module Type": "Hardware", "Validation Date": "04/28/201105/12/201105/09/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1538.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1538", "detail_available": true, "module_name": "Datacryptor® 100M Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the Multi-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 100 Mbps Ethernet Layer 2 is a rack-mountable multi-chip standalone cryptographic module designed to secure data in transmissions across public Ethernet Layer 2 networks. The Datacryptor® uses 100BaseT ports to connect the host and public sides of the network. The Datacryptor® employs an automatic key generation and exchange mechanism using X.509 v3 certificates and the Diffie-Hellman key agreement scheme. The algorithm used for securing data transmission is AES-256 GCM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1537", "Certificate Number": "1537", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade Mobility RFS7000 Controller", "Module Type": "Hardware", "Validation Date": "04/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1537.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1537", "detail_available": true, "module_name": "Brocade Mobility RFS7000 Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Brocade Mobility RFS7000 Controller provides robust, highly scalable support for seamless mobility for government agencies. The innovative architecture simplifies network deployment and management, provides superior performance, security and scalability. The Brocade Mobility RFS7000 enables campus-wide roaming across subnets, and offers powerful failover capabilities, exceptional quality of service and increased voice capacity. Integrated security features include intrusion detection and protection, secure guest access and protection against denial of service attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1536", "Certificate Number": "1536", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "04/28/201107/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1536.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1536", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1535", "Certificate Number": "1535", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "04/28/201107/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1535.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1535", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio system products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1534", "Certificate Number": "1534", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Nexus 7000 18 Slot", "Module Type": "Hardware", "Validation Date": "04/28/201102/23/201207/18/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1534.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1534", "detail_available": true, "module_name": "Nexus 7000 18 Slot", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Nexus 7000 Series is capable of more than 15 terabits per second (Tbps) of switching capacity and offers market-leading Gigabit Ethernet and 10 Gigabit Ethernet density. Built on a zero-service-loss hardware and software architecture, the Cisco Nexus 7000 Series offers the kind of high availability needed in a next-generation data center, in which virtualization increases the scope of downtime and Unified Fabric demands Fibre Channel-like availability to properly support storage services. The Cisco Nexus 7000 Series was built with manageability in mind and incorporate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1533", "Certificate Number": "1533", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Nexus 7000 10 Slot", "Module Type": "Hardware", "Validation Date": "04/15/201102/23/201207/18/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1533.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1533", "detail_available": true, "module_name": "Nexus 7000 10 Slot", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Nexus 7000 Series is capable of more than 15 terabits per second (Tbps) of switching capacity and offers market-leading Gigabit Ethernet and 10 Gigabit Ethernet density. Built on a zero-service-loss hardware and software architecture, the Cisco Nexus 7000 Series offers the kind of high availability needed in a next-generation data center, in which virtualization increases the scope of downtime and Unified Fabric demands Fibre Channel-like availability to properly support storage services. The Cisco Nexus 7000 Series was built with manageability in mind and incorporate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1532", "Certificate Number": "1532", "Vendor Name": "NetLib®", "Module Name": "NetLib® Encryptionizer® DE/FIPS", "Module Type": "Software", "Validation Date": "04/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1532.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1532", "detail_available": true, "module_name": "NetLib® Encryptionizer® DE/FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The NetLib® Encryptionizer® DE/FIPS versions 2010.201.10.0 and 2010.501.10.0 provide encryption of data stored in server-based and desktop-based databases and files, including MS SQL Server databases and backups . It can be deployed without programming and without adding any administrative overhead. The purpose of whole database encryption is to make a database or file unusable if it is stolen, copied, downloaded, lost, or otherwise improperly accessed. It supports both 32-bit and 64-bit applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1531", "Certificate Number": "1531", "Vendor Name": "Motorola, Inc.", "Module Name": "RFS7000 RF Switch", "Module Type": "Hardware", "Validation Date": "04/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1531.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1531", "detail_available": true, "module_name": "RFS7000 RF Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "RFS7000-GR Wireless Switch from Motorola provides robust, highly scalable support for seamless mobility for government agencies. Motorola's architecture simplifies network deployment and management, provides superior performance, security and scalability, and supports emerging RF technologies. The RFS7000-GR enables campus-wide roaming across subnets, and offers powerful failover capabilities, exceptional quality of service and increased voice capacity. Integrated security features include intrusion detection and protection, secure guest access and protection against denial of service attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1530", "Certificate Number": "1530", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/04/201110/10/201205/13/201312/13/201307/11/201403/20/201507/24/201508/13/201509/28/201511/18/201503/18/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1530.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1530", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1529", "Certificate Number": "1529", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 881, Cisco 881G and Cisco 891 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "04/01/201107/27/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1529.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1529", "detail_available": true, "module_name": "Cisco 881, Cisco 881G and Cisco 891 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco 880, and Cisco 890 series ISRs provide Internet, VPN, voice, data, and backup capability to corporate teleworkers and remote and small offices of fewer than 20 users. These routers are capable of bridging and multiprotocol routing between LAN and WAN ports, and provide advanced features such as antivirus protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1528", "Certificate Number": "1528", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/30/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1528.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1528", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1527", "Certificate Number": "1527", "Vendor Name": "Systematic Development Group, LLC", "Module Name": "LOK-IT™ 10 KEY (Series SDG003FM) and LOK-IT™ 5 KEY (Series SDG004FP)", "Module Type": "Hardware", "Validation Date": "03/28/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1527.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1527", "detail_available": true, "module_name": "LOK-IT™ 10 KEY (Series SDG003FM) and LOK-IT™ 5 KEY (Series SDG004FP)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "LOK-IT™ is a USB Flash drive with a multi-chip embedded cryptographic module architecture as defined by FIPS 140-2. It consists of an Initio 1861 USB controller, NAND Flash memory and a Microchip PIC16F688 security controller. The product supports 256 bit AES encryption of data stored in NAND Flash memory. The drive provides self-contained user authentication without the need for host computer applications. Two derivations of the product exist differing in the number of numeric buttons; the SDG003FM has 10 numeric buttons and the SDG004FP has 5 numeric buttons." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1526", "Certificate Number": "1526", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark PrintCryption™", "Module Type": "Firmware", "Validation Date": "03/24/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1526.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1526", "detail_available": true, "module_name": "Lexmark PrintCryption™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "Requires Option P/N 57X9000 to enable the PrintCryption firmware", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Lexmark PrintCryption™ is an option for the Lexmark printers that enables the transfer and printing of encrypted print jobs. With the Lexmark PrintCryption™ module installed, the printer is capable of decrypting print jobs encrypted with the AES (FIPS 197) algorithm. The Lexmark PrintCryption™ analyzes the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the document to be printed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1525", "Certificate Number": "1525", "Vendor Name": "Xirrus, Inc.", "Module Name": "Xirrus Wi-Fi Array XS4 and XS8", "Module Type": "Hardware", "Validation Date": "04/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1525.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1525", "detail_available": true, "module_name": "Xirrus Wi-Fi Array XS4 and XS8", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with tamper evident seals and security straps installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Xirrus Wi-Fi Array consists of 4, 8, 12, or 16 802.11abgn access points coupled to a directional antenna system, and integrated together with a multi-gigabit switch, controller, firewall, threat sensor, and spectrum analyzer into a single, easy-to-install device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1524", "Certificate Number": "1524", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Luna EFT", "Module Type": "Hardware", "Validation Date": "03/23/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1524.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1524", "detail_available": true, "module_name": "SafeNet Luna EFT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SafeNet Luna EFT is designed for Electronic Funds Transfer (EFT) and payment system processing environments, providing powerful end-to-end security for online banking transactions and applications for credit, debit, and chip cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1523", "Certificate Number": "1523", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "Athena IDProtect", "Module Type": "Hardware", "Validation Date": "04/05/201104/27/201106/09/201104/12/201305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1523.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1523", "detail_available": true, "module_name": "Athena IDProtect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "FIPS Approved algorithms (relies on loaded applications): AES (Cert. #1412); RSA (Cert. #688); SHS (Cert. #1282) IDProtect is a cryptographic module based on the Athena OS755 Java Card smart card operating system with 72Kbyte of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications. IDProtect exposes PKI and biometric APIs and is designed for high performance government and enterprise smart card applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1522", "Certificate Number": "1522", "Vendor Name": "IBM® Corporation", "Module Name": "IBM LTO Generation 5 Encrypting Tape Drive", "Module Type": "Hardware", "Validation Date": "03/23/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1522.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1522", "detail_available": true, "module_name": "IBM LTO Generation 5 Encrypting Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IBM LTO Generation 5 Encrypting Tape Drive provides AES-GCM encryption of customer data recorded to tape. Both encryption and compression are implemented in the hardware for optimum performance. Two different host interface types of the LTO Generation 5 \"brick\" unit are FIPS certified as a multi-chip, standalone cryptographic module. In customer operation the \"brick\" unit may be embedded in bridge box or in a canister package for operation in a library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1521", "Certificate Number": "1521", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2951, Cisco 3925 and Cisco 3945 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "03/18/201104/04/201107/27/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1521.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1521", "detail_available": true, "module_name": "Cisco 2951, Cisco 3925 and Cisco 3945 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2951, 3925 and 3945 Integrated Services Routers are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The new platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1520", "Certificate Number": "1520", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1905, Cisco 1921, Cisco 1941, Cisco 2901, Cisco 2911 and Cisco 2921 Integrated Services Routers (ISRs)", "Module Type": "Hardware", "Validation Date": "03/11/201104/04/201107/27/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1520.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1520", "detail_available": true, "module_name": "Cisco 1905, Cisco 1921, Cisco 1941, Cisco 2901, Cisco 2911 and Cisco 2921 Integrated Services Routers (ISRs)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident labels and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1905, 1921, 1941, 2901, 2911 and 2921 Integrated Services Routers are routing platforms that provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The new platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1519", "Certificate Number": "1519", "Vendor Name": "Code Corporation", "Module Name": "Code Reader 2500 FIPS and Code Reader 3500 FIPS", "Module Type": "Hardware", "Validation Date": "03/11/201104/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1519.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1519", "detail_available": true, "module_name": "Code Reader 2500 FIPS and Code Reader 3500 FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Code Corporation’s Code Reader 2500 FIPS or Code Reader 3500 FIPS bar code readers, when used in conjunction with a CodeXML® FIPS Bluetooth® Modem, provide an encrypted wireless bar code reading solution with a working range of up to 300 feet. Code Corporation’s FIPS bar code readers employ a FIPS approved AES-256 algorithm to generate per session keys to encrypt data and a separate key to encrypt overhead communications ensure that the connection between modem and bar code reader is highly secure. The FIPS code has been optimized to provide line speed communications over the wireless link." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1518", "Certificate Number": "1518", "Vendor Name": "GDC Technology (USA), LLC", "Module Name": "IMB", "Module Type": "Hardware", "Validation Date": "03/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1518.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1518", "detail_available": true, "module_name": "IMB", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "A digital cinema media block designed to be compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management, ASM communications and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1517", "Certificate Number": "1517", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS Firmware", "Module Type": "Hardware", "Validation Date": "03/11/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1517.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1517", "detail_available": true, "module_name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system completely changes how 802.11 networks are deployed, secured, and managed. The only mobile security system with an integrated ICSA-certified stateful firewall and hardware-based encryption, the Aruba mobility controller is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security stan" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1516", "Certificate Number": "1516", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "03/11/201109/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1516.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1516", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Enterprise Secure Key Manager (ESKM) automates key generation and management. It is a hardened security appliance delivering identity-based access, administration, and logging. Additionally, the ESKM provides reliable lifetime key archival with automatic multi-site key replication and failover capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1515", "Certificate Number": "1515", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola PTP 600 Series", "Module Type": "Hardware", "Validation Date": "03/09/201103/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1515.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1515", "detail_available": true, "module_name": "Motorola PTP 600 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "PTP 600 Series Ethernet bridges offer high performance connectivity and backhaul in challenging non-line-of-sight environments. With carrier-grade reliability, PTP 600 links have class-leading sensitivity and power output which enable links to go farther, while sustaining high throughput regardless of conditions. With data rates up to 300 Mbps and reaching distances up to 124 miles, this Series of high-performance and secure wireless bridges make cost-effective connectivity and backhaul a reality for a wide range of enterprises, service providers and public safety organizations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1514", "Certificate Number": "1514", "Vendor Name": "Apple Inc.", "Module Name": "Apple FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1514.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1514", "detail_available": true, "module_name": "Apple FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Mac OS X's security services are built using the open source Common Data Security Architecture. CDSA is a set of layered security services in which the AppleCSP provides the cryptography for services such as FileVault, Encrypted Disk Images, Keychains, Safari, Mail, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1513", "Certificate Number": "1513", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Encryptor, Model 600", "Module Type": "Hardware", "Validation Date": "03/04/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1513.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1513", "detail_available": true, "module_name": "SafeNet Encryptor, Model 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. Refer to the cryptographic module's security policy for the details on the letter i, p and x designations.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH or Ethernet networks. It employs FIPS approved AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in SONET 155 MB (OC-3), 622 MB (OC-12), 1.0 GB, and 2.4 GB (OC-48) networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1512", "Certificate Number": "1512", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Encryptor, Model 650", "Module Type": "Hardware", "Validation Date": "03/04/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1512.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1512", "detail_available": true, "module_name": "SafeNet Encryptor, Model 650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode. Refer to the cryptographic module’s security policy for the details on the letter p designations.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks or 10G Ethernet networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network or 10G Ethernet network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1511", "Certificate Number": "1511", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "03/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1511.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1511", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world’s fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1510", "Certificate Number": "1510", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Kernel Mode Cryptographic Driver for Linux", "Module Type": "Software", "Validation Date": "03/02/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1510.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1510", "detail_available": true, "module_name": "F-Secure Kernel Mode Cryptographic Driver for Linux", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Cryptographic Library is a software module for Red Hat Enterprise Linux v5 . The module provides an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The modules are designed and implemented to meet the Level 1 requirements of FIPS publication 140-2 when running on a GPC under Red Hat Enterprise Linux v5 ." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1509", "Certificate Number": "1509", "Vendor Name": "Code Corporation", "Module Name": "CodeXML® FIPS Bluetooth® Modem", "Module Type": "Hardware", "Validation Date": "03/02/201104/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1509.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1509", "detail_available": true, "module_name": "CodeXML® FIPS Bluetooth® Modem", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Code Corporation’s CodeXML® FIPS Bluetooth® Modem, when used in conjunction with the Code Reader 2500 FIPS or Code Reader 3500 FIPS bar code readers, provides an encrypted wireless bar code reading solution with a working range of up to 300 feet. The CodeXML® FIPS Bluetooth® Modem employs a FIPS approved AES-256 algorithm with per session keys to ensure that the connection between modem and bar code reader is highly secure. The FIPS code has been optimized to provide line speed communications over the wireless link." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1508", "Certificate Number": "1508", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "ASTRO CDEM Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "03/02/201101/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1508.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1508", "detail_available": true, "module_name": "ASTRO CDEM Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ASTRO CDEM MACE provides secure key management and data encryption for the Astro System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1507", "Certificate Number": "1507", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Kernel Mode Cryptographic Driver", "Module Type": "Software", "Validation Date": "03/02/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1507.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1507", "detail_available": true, "module_name": "F-Secure Kernel Mode Cryptographic Driver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Kernel Mode Cryptographic Driver is a FIPS 140-2 Level 1 validated software module, implemented as a 32-bit Windows Server 2008, 2008 R2, and Windows 7 compatible export driver. When loaded into computing system memory, it resides at the kernel mode level of the Windows OS and provides an assortment of cryptographic services that are accessible by other kernel mode drivers through a C-language Application Program Interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1506", "Certificate Number": "1506", "Vendor Name": "", "Module Name": "", "Module Type": "Software", "Validation Date": "02/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1506.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1506", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1505", "Certificate Number": "1505", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4765 Cryptographic Coprocessor Security Module", "Module Type": "Hardware", "Validation Date": "02/24/201112/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1505.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1505", "detail_available": true, "module_name": "IBM 4765 Cryptographic Coprocessor Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IBM 4765 Cryptographic Coprocessor Security Module, is a tamper responding, programmable, cryptographic PCIe card, containing CPU, encryption hardware, RAM, persistant memory, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is designed as a feature in the IBM System z server." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1504", "Certificate Number": "1504", "Vendor Name": "DataLocker Inc.", "Module Name": "DataLocker Enterprise, V2.0 (DataLocker DL2)", "Module Type": "Hardware", "Validation Date": "02/24/201103/01/201106/10/201607/05/201608/01/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1504.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1504", "detail_available": true, "module_name": "DataLocker Enterprise, V2.0 (DataLocker DL2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The DataLocker Enterprise (also named DataLocker DL2) is a fully platform independent, portable encrypted hard drive. Compatible with MAC, Windows and Linux systems, the DataLocker operates without any host based software or drivers. It utilizes an embedded LCD touch screen interface for all authentication and administrative functions. The device is fully 256bit AES CBC Mode encrypted via a dedicated crypto engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1503", "Certificate Number": "1503", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "02/24/201103/28/201109/19/201101/23/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1503.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1503", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS140_MODE or FIPS140_SSL_MODE and initialized with Level 2 Authentication", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using encryption techniques to provide a persistent level of protection. RSA BSAFE® Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1502", "Certificate Number": "1502", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "Module Type": "Software", "Validation Date": "02/24/201103/28/201109/19/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1502.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1502", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JSAFE and JCE Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS140_MODE or FIPS140_SSL_MODE", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using encryption techniques to provide a persistent level of protection. RSA BSAFE® Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1501", "Certificate Number": "1501", "Vendor Name": "ActivIdentity, Inc.", "Module Name": "Cryptographic Module for F5 and C5", "Module Type": "Software", "Validation Date": "02/24/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1501.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1501", "detail_available": true, "module_name": "Cryptographic Module for F5 and C5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "ActivIdentity F5 and C5 software development kits are designed to enable vendors to incorporate cryptographic-based technologies into their physical access control applications. The F5 SDK enables physical access strong authentication using FIPS 201 PIV smart cards, in compliance with the authentication modes described in NIST Special Publication 800-116. The C5 SDK enables strong authentication in the case of standalone electronic locks and physical access control systems, by writing digitally signed privileges to and from smart cards.", "algorithms": [ "AES", "DES", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1500", "Certificate Number": "1500", "Vendor Name": "Pragma Systems, Inc.", "Module Name": "Pragma Systems Cryptographic Module", "Module Type": "Software", "Validation Date": "02/10/201108/29/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1500.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1500", "detail_available": true, "module_name": "Pragma Systems Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Certs. #1012, #1010 and #1002 operating in FIPS mode and Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) validated to FIPS 140-2 under Certs. #1009, #1003 and #875 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Pragma Systems Cryptographic Module is a dynamically linked library that provides the cryptographic abstraction used in the Pragma Fortress Secure Shell (SSH) products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1499", "Certificate Number": "1499", "Vendor Name": "Palo Alto Networks", "Module Name": "PA-500, PA-2000 Series and PA-4000 Series Firewalls", "Module Type": "Hardware", "Validation Date": "02/10/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1499.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1499", "detail_available": true, "module_name": "PA-500, PA-2000 Series and PA-4000 Series Firewalls", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Palo Alto Network's next-generation firewalls provide network security by enabling enterprises to see and control applications, users, and content - not just ports, IP addresses, and packets - using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications, instead of the traditional \"all-or-nothing\" approach offered by traditional port-blocking firewalls." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1498", "Certificate Number": "1498", "Vendor Name": "SafeNet, Inc.", "Module Name": "DataSecure Appliance i150 and i450", "Module Type": "Hardware", "Validation Date": "04/01/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1498.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1498", "detail_available": true, "module_name": "DataSecure Appliance i150 and i450", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet DataSecure Appliance is a dedicated hardware product designed specifically for security and cryptographic processing, allowing organizations to protect structured and unstructured data, from within the data center out to remote locations, and ensure compliance with legislative and policy mandates for security. With its capabilities for granular encryption, seamless integration, and centralized key and policy management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1497", "Certificate Number": "1497", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Secure Access Control Server (ACS) FIPS module (NSS)", "Module Type": "Software", "Validation Date": "02/10/201102/23/201204/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1497.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1497", "detail_available": true, "module_name": "Cisco Secure Access Control Server (ACS) FIPS module (NSS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Access Control Server (ACS) FIPS module (NSS) Version 3.12.5 is a software cryptographic library that provides cryptographic services to the Cisco Access Control Server (ACS) application. The Cisco ACS FIPS module (NSS) is a general-purpose cryptographic library, with an API based on the industry standard PKCS #11 version 2.20." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1496", "Certificate Number": "1496", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Secure Access Control Server (ACS) FIPS module (cryptolib)", "Module Type": "Software", "Validation Date": "02/10/201104/27/201102/23/201206/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1496.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1496", "detail_available": true, "module_name": "Cisco Secure Access Control Server (ACS) FIPS module (cryptolib)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure ACS FIPS Module Version 1.1 is a software cryptographic library that provides cryptographic services to the Cisco Access Control Server (ACS) application. The Secure ACS FIPS module provides FIPS compliant cryptography supporting AAA for IEEE 802.11i security (WPA2) with EAP protocols like EAP-TLS, EAP-FAST, PEAP with RADIUS Key Wrap functionalities, Cisco TrustSec (CTS), and 802.1x-rev." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1495", "Certificate Number": "1495", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "02/28/201106/08/201210/15/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1495.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1495", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1494", "Certificate Number": "1494", "Vendor Name": "Sony Corporation", "Module Name": "Sony Security Module", "Module Type": "Hardware", "Validation Date": "03/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1494.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1494", "detail_available": true, "module_name": "Sony Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sony Security Module (SSM) is cryptographic module to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1493", "Certificate Number": "1493", "Vendor Name": "Sony Corporation", "Module Name": "Sony Security Module", "Module Type": "Hardware", "Validation Date": "03/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1493.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1493", "detail_available": true, "module_name": "Sony Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sony Security Module (SSM) is cryptographic module to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1492", "Certificate Number": "1492", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 11 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "02/04/201104/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1492.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1492", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 11 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1491", "Certificate Number": "1491", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "HX280 Broadband Satellite Router", "Module Type": "Hardware", "Validation Date": "01/28/201108/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1491.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1491", "detail_available": true, "module_name": "HX280 Broadband Satellite Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Hughes HX280 Mesh/Star Broadband Router is a high-performance satellite router that enables carrier-grade broadband Internet Protocol services with enhanced security protecting all data, management, and signaling traffic over the satellite network, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization, and access control capabilities.", "algorithms": [ "AES", "DSA", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1490", "Certificate Number": "1490", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE2", "Module Type": "Hardware", "Validation Date": "01/28/201106/01/201103/14/201212/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1490.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1490", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE2 provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1489", "Certificate Number": "1489", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE2", "Module Type": "Hardware", "Validation Date": "01/28/201106/01/201103/14/201212/07/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1489.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1489", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE2 provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1488", "Certificate Number": "1488", "Vendor Name": "Schweitzer Engineering Laboratories, Inc.", "Module Name": "SEL-3045", "Module Type": "Hardware", "Validation Date": "01/28/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1488.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1488", "detail_available": true, "module_name": "SEL-3045", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SEL-3045 Secure SCADA Card provides strong cryptographic security to a variety of communications networks. It protects point-to-point, multi-drop, and many-to-many networks. The SEL-3045 secures all byte oriented serial protocols including popular SCADA or PCS protocols like DNP and MODBUS common to PLC, IED and RTU products. It quickly integrates into serial communication networks including modem and data radio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1487", "Certificate Number": "1487", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "Athena IDProtect Duo PIV", "Module Type": "Hardware", "Validation Date": "01/28/201104/12/201302/06/201405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1487.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1487", "detail_available": true, "module_name": "Athena IDProtect Duo PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Athena IDProtect Duo PIV cryptographic module is compliant with FIPS 201 as an end point compliant card. The PIV application is hosted by the Athena IDProtect dual interface smart card operating system compliant with the Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 for physical security). IDProtect supports FIPS approved Random Number Generator, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits including on board key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1486", "Certificate Number": "1486", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP LTO-5 Tape Drive", "Module Type": "Hardware", "Validation Date": "01/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1486.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1486", "detail_available": true, "module_name": "HP LTO-5 Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HP LTO-5 Tape Drive sets new standards for capacity, performance, and manageability. The HP LTO-5 represents HP's fifth-generation of LTO tape drive technology capable of storing up to 3TB per cartridge while providing enterprise tape drive monitoring and management capabilities with HP TapeAssure and AES 256-bit hardware data encryption, easy-to-enable security to protect the most sensitive data and prevent unauthorized access of tape cartridges. Capable of data transfer rates up to 280MB/sec, HP's exclusive Data Rate Matching feature further optimizes performance by matching speed of host to" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1485", "Certificate Number": "1485", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "Hughes Crypto Kernel - Firmware", "Module Type": "Firmware", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1485.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1485", "detail_available": true, "module_name": "Hughes Crypto Kernel - Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 256 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-256.", "algorithms": [ "AES", "DSA", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1484", "Certificate Number": "1484", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "Hughes Crypto Kernel", "Module Type": "Software", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1484.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1484", "detail_available": true, "module_name": "Hughes Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 256 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-256.", "algorithms": [ "AES", "DSA", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1483", "Certificate Number": "1483", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Steelhead 3020, Steelhead 3520, Steelhead 5520 and Steelhead 6020 Appliances", "Module Type": "Hardware", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1483.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1483", "detail_available": true, "module_name": "Steelhead 3020, Steelhead 3520, Steelhead 5520 and Steelhead 6020 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security panels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Steelhead family of appliances provides application acceleration and accelerated data transfer over a wide area network (WAN), overcoming bandwidth and geographical limitations to improve productivity and enable global collaboration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1482", "Certificate Number": "1482", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Steelhead 5050 and Steelhead 6050 Appliances", "Module Type": "Hardware", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1482.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1482", "detail_available": true, "module_name": "Steelhead 5050 and Steelhead 6050 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security panels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Steelhead family of appliances provides application acceleration and accelerated data transfer over a wide area network (WAN), overcoming bandwidth and geographical limitations to improve productivity and enable global collaboration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1481", "Certificate Number": "1481", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Steelhead 520, Steelhead 1020, Steelhead 1520 and Steelhead 2020 Appliances", "Module Type": "Hardware", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1481.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1481", "detail_available": true, "module_name": "Steelhead 520, Steelhead 1020, Steelhead 1520 and Steelhead 2020 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security panels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Steelhead family of appliances provides application acceleration and accelerated data transfer over a wide area network (WAN), overcoming bandwidth and geographical limitations to improve productivity and enable global collaboration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1480", "Certificate Number": "1480", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Steelhead 1050 and Steelhead 2050 Appliances", "Module Type": "Hardware", "Validation Date": "01/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1480.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1480", "detail_available": true, "module_name": "Steelhead 1050 and Steelhead 2050 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security panels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Steelhead family of appliances provides application acceleration and accelerated data transfer over a wide area network (WAN), overcoming bandwidth and geographical limitations to improve productivity and enable global collaboration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1479", "Certificate Number": "1479", "Vendor Name": "Imation Corp.", "Module Name": "Imation S200/D200", "Module Type": "Hardware", "Validation Date": "01/07/201108/09/201109/19/201110/04/201110/26/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1479.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1479", "detail_available": true, "module_name": "Imation S200/D200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA-256, SHA-1, and RNG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1478", "Certificate Number": "1478", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SRX100, SRX210, SRX240 and SRX650 Services Gateways", "Module Type": "Hardware", "Validation Date": "01/05/201101/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1478.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1478", "detail_available": true, "module_name": "Juniper Networks SRX100, SRX210, SRX240 and SRX650 Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks SRX100, SRX210, SRX240 and SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. Supports Firewall, IPsec VPN and IPS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1477", "Certificate Number": "1477", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks LN1000 Mobile Secure Router", "Module Type": "Hardware", "Validation Date": "01/05/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1477.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1477", "detail_available": true, "module_name": "Juniper Networks LN1000 Mobile Secure Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals and security device installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks LN1000 Mobile Secure Router is an edge access router that delivers a high-performance routing firewall and intrusion detection service (IDS). The LN1000 addresses the growing demand for a network access presence in military, first responder and transportation vehicles, mining and exploration equipment, unmanned aircraft, and power grids." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1476", "Certificate Number": "1476", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-525A-3, 3e-525A-3EP, 3e-525A-3MP, 3e-525V-3 and 3e-525Ve-4 AirGuard™ Wireless Access Points", "Module Type": "Hardware", "Validation Date": "01/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1476.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1476", "detail_available": true, "module_name": "3e-525A-3, 3e-525A-3EP, 3e-525A-3MP, 3e-525V-3 and 3e-525Ve-4 AirGuard™ Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirGuard™ model 525A-3 and model 525V-3/4 Wireless Access Points are packaged in rugged IP 66 weatherproof enclosure and conforms to 802.11a/b/g wireless standards. They provide access point, gateway, bridge/repeater, and mesh networking for wireless applications. In access point or gateway mode, the 525A-3 can establish links to laptops, PDAs and other wireless devices at data rates from 11 Mbps up to 108 Mbps. The 525V-3/4 incorporates an extra video module to provide capability for remote video surveillance and camera control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1475", "Certificate Number": "1475", "Vendor Name": "Wind River Systems, Inc.", "Module Name": "Network Security Services (NSS)", "Module Type": "Software", "Validation Date": "12/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1475.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1475", "detail_available": true, "module_name": "Network Security Services (NSS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.", "algorithms": [ "DES", "ECDH", "ECDSA", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1474", "Certificate Number": "1474", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Connectra", "Module Type": "Firmware", "Validation Date": "12/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1474.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1474", "detail_available": true, "module_name": "Connectra", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point Connectra that unifies SSL VPN, IPSec VPN, and integrated intrusion prevention for secure connectivity for mobile and remote workers while protecting enterprise networks and endpoints from external threats. Connectra includes centralized management and DynamicID SMS authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1473", "Certificate Number": "1473", "Vendor Name": "Adara Networks, Inc.", "Module Name": "OpenSSL NPX Cryptographic Module", "Module Type": "Software", "Validation Date": "12/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1473.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1473", "detail_available": true, "module_name": "OpenSSL NPX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Adara Networks product is an open standards and open architecture based full stack router that provides high performance multipath routing capabilities, end to end QOS, data interoperability, virtualization web services, federation of databases, and a secure cloud computing platform for inter-enterprise collaborations. It can be visualized as a transparent performance overlay network which improves performance and provides innovative features and tightened security over a legacy network infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1472", "Certificate Number": "1472", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX-256C", "Module Type": "Hardware", "Validation Date": "12/28/201012/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1472.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1472", "detail_available": true, "module_name": "X-Wall MX-256C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The patented X-Wall MX-256C (MX-256C) ASIC is the 7th gen of Enova X-Wall real-time Full Disk Encryption technology. Engineered specifically to encrypt entire drive (MBR, FAT, and OS) at SATA wire speed (sustained AES 256-bit throughput of 120MB/sec). MX-256C, a SATA to SATA chip engineered to include the full SATA protocol stacks, is transparent to host/drive. Authentication is separated from the core design of the MX-256C and can be versatile which may include Smartcard, Pre-boot PIN, TPM or Fingerprint. The MX-256C contains no NVM. Therefore at each power on reset authentication is needed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1471", "Certificate Number": "1471", "Vendor Name": "Enova Technology Corporation", "Module Name": "X-Wall MX-256", "Module Type": "Hardware", "Validation Date": "12/28/201012/05/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1471.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1471", "detail_available": true, "module_name": "X-Wall MX-256", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The patented X-Wall MX-256 (MX-256) ASIC is the 7th gen of Enova X-Wall real-time Full Disk Encryption technology. Engineered specifically to encrypt entire drive (MBR, FAT, and OS) at SATA wire speed (sustained AES 256-bit throughput of 120MB/sec).MX-256, a SATA to SATA chip engineered to include the full SATA protocol stacks, is transparent to host/drive. Authentication is separated from the core design of the MX-256 and can be versatile which may include Smartcard, Pre-boot PIN, TPM or Fingerprint. The MX-256 contains no NVM. Therefore at each power on reset authentication is needed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1470", "Certificate Number": "1470", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 11 ICSF PKCS#11 Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "12/28/201006/01/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1470.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1470", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 11 ICSF PKCS#11 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The ICSF PKCS #11 module consists of software-based cryptographic algorithms, as well as symmetric and hashing algorithms provided by the CP Assist for Cryptographic Function (CPACF) and RSA Hardware clear key modular math cryptography provided through the Crypto Express3 card (CEX3A). The RSA hardware support is accessed through auxiliary module CSFINPVT which acts as a pipe between ICSF PKCS #11 and the cryptographic cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1469", "Certificate Number": "1469", "Vendor Name": "JVC KENWOOD Corporation", "Module Name": "Secure Cryptographic Module (SCM)", "Module Type": "Hardware", "Validation Date": "12/28/201012/07/201101/31/201204/02/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1469.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1469", "detail_available": true, "module_name": "Secure Cryptographic Module (SCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Cryptographic Module (SCM) meets overall FIPS 140-2 Level 1 requirements providing KENWOOD radios secure and encrypted digital communication. The SCM supports 256 bit key AES encryption as well as DES encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1468", "Certificate Number": "1468", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 7000 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/28/201002/10/201112/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1468.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1468", "detail_available": true, "module_name": "Luna® PCI 7000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1467", "Certificate Number": "1467", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola EMS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "12/21/201011/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1467.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1467", "detail_available": true, "module_name": "Motorola EMS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Motorola EMS Cryptographic Module provides FIPS 140-2 Level 1 certified encryption and security practices to protect data sensitive transmission between the Motorola Embedded deices which include cordless scanners, cradles and terminals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1466", "Certificate Number": "1466", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola EMS Cryptographic Module", "Module Type": "Software", "Validation Date": "12/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1466.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1466", "detail_available": true, "module_name": "Motorola EMS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Motorola EMS Cryptographic Module provides FIPS 140-2 Level 1 certified encryption and security practices to protect data sensitive transmission between the Motorola Embedded deices which include cordless scanners, cradles and terminals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1465", "Certificate Number": "1465", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE", "Module Type": "Hardware", "Validation Date": "12/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1465.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1465", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1464", "Certificate Number": "1464", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Variable Loader (KVL) 4000 PIKE", "Module Type": "Hardware", "Validation Date": "12/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1464.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1464", "detail_available": true, "module_name": "Key Variable Loader (KVL) 4000 PIKE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The KVL 4000 PIKE provides security services for the KVL 4000. The KVL 4000 is a portable key distribution device that consists of a Personal Digital Assistant (PDA) and Security Adapter that connects to the PDA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1463", "Certificate Number": "1463", "Vendor Name": "Symantec Corporation", "Module Name": "Encryption Plus Cryptographic Library", "Module Type": "Software", "Validation Date": "12/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1463.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1463", "detail_available": true, "module_name": "Encryption Plus Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Encryption Plus Cryptographic Library (EPCL) provides cryptographic services to the Symantec Corporation for Symantec, GuardianEdge, Encryption Anywhere, and Encryption Plus families of data protection products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1462", "Certificate Number": "1462", "Vendor Name": "Adara Networks, Inc.", "Module Name": "Kernel NPX Cryptographic Module", "Module Type": "Software", "Validation Date": "12/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1462.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1462", "detail_available": true, "module_name": "Kernel NPX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Adara Networks product is an open standards and open architecture based full stack router that provides high performance multipath routing capabilities, end to end QOS, data interoperability, virtualization web services, federation of databases and a secure cloud computing platform for inter-enterprise collaborations. It can be visualized as a transparent performance overlay network which improves performance and provides innovative features and tightened security over a legacy network infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1461", "Certificate Number": "1461", "Vendor Name": "Neopost Technologies", "Module Name": "NETSET2 PSD", "Module Type": "Hardware", "Validation Date": "12/09/201007/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1461.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1461", "detail_available": true, "module_name": "NETSET2 PSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Neopost PSD (Postal Secure Device) for Middle to High Range Franking Machines." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1460", "Certificate Number": "1460", "Vendor Name": "IBM Internet Security Systems, Inc.", "Module Name": "Proventia GX Series Security Appliances", "Module Type": "Hardware", "Validation Date": "11/29/201012/07/201104/02/201204/24/201202/14/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1460.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1460", "detail_available": true, "module_name": "Proventia GX Series Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "With Firmware Version 3.1, 4.1 or 4.3 and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IBM Proventia Network Intrusion Prevention System (IPS) stops Internet threats before they impact your business and delivers protection to all three layers of the network: core, perimeter and remote segments. Preemptive protection, or protection that works ahead of the threat, is available from IBM Internet Security Systems through its proprietary combination of line-speed performance, security intelligence and a modular protection engine that enables security convergence." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1459", "Certificate Number": "1459", "Vendor Name": "Morpho - e-Documents Division", "Module Name": "ypsID", "Module Type": "Hardware", "Validation Date": "11/29/201004/06/201107/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1459.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1459", "detail_available": true, "module_name": "ypsID", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ypsid common cryptographic module lies at the core of the Sagem Orga authentication and signature tokens for corporate employees, civil servants, and e-commerce / e-banking online clients. This module is the base for : ypsid SmartCard S2 converged smart card access badges with PKI, minex II approved biometric fingerprint Match-on-card and One time password (OTP) and ypsid Keys: E*, E1, and E2 USB cryptographic keys presenting driverless and zero footprint two factor OTP authentication and digital signature." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1458", "Certificate Number": "1458", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/23/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1458.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1458", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1457", "Certificate Number": "1457", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "ASTRO Subscriber Universal Crypto Module (UCM)", "Module Type": "Hardware", "Validation Date": "11/29/201001/31/201103/28/201107/05/201101/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1457.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1457", "detail_available": true, "module_name": "ASTRO Subscriber Universal Crypto Module (UCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1456", "Certificate Number": "1456", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "PrivateServer", "Module Type": "Hardware", "Validation Date": "11/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1456.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1456", "detail_available": true, "module_name": "PrivateServer", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The PrivateServer is a high-performance cryptographic service provider. PrivateServer performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, Triple-DES-MAC, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capability." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1455", "Certificate Number": "1455", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206VXR NPE-G2 with VSA", "Module Type": "Hardware", "Validation Date": "11/29/201007/27/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1455.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1455", "detail_available": true, "module_name": "7206VXR NPE-G2 with VSA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1454", "Certificate Number": "1454", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "11/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1454.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1454", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1453", "Certificate Number": "1453", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 7000 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/22/201002/10/201112/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1453.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1453", "detail_available": true, "module_name": "Luna® PCI 7000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and configured to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1452", "Certificate Number": "1452", "Vendor Name": "AvaLAN Wireless Systems, Inc.", "Module Name": "AW140", "Module Type": "Hardware", "Validation Date": "11/22/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1452.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1452", "detail_available": true, "module_name": "AW140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The AW140 is a modular AES cryptographic subassembly that can be embedded into finished communications products. AW140's cryptographic boundary is encapsulated within this subassembly and allows finished products to inherit the AW140's NIST FIPS 140-2 validation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1451", "Certificate Number": "1451", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate® Momentus® Thin Self-Encrypting Drives TCG Opal FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "11/22/201007/18/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1451.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1451", "detail_available": true, "module_name": "Seagate® Momentus® Thin Self-Encrypting Drives TCG Opal FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate® Momentus® Thin Self-Encrypting Drive (SED) FIPS 140 Module is embedded in Seagate Momentus Thin SED model disk drives. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface.", "algorithms": [ "AES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1450", "Certificate Number": "1450", "Vendor Name": "Gemalto", "Module Name": "TOP DL V2", "Module Type": "Hardware", "Validation Date": "11/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1450.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1450", "detail_available": true, "module_name": "TOP DL V2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1449", "Certificate Number": "1449", "Vendor Name": "Patrick Townsend Security Solutions", "Module Name": "Alliance Key Manager", "Module Type": "Software", "Validation Date": "11/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1449.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1449", "detail_available": true, "module_name": "Alliance Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with the Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode (approved algorithms retested on listed operating environment)", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Alliance Key Manager implements a client/server interface for key administration. The user application has the client role, and the key manager has the server role. The user opens a secure connection to the key server, sends an administrative request (create a key, change a key, etc.), receives a response from the server, and the session is disconnected." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1448", "Certificate Number": "1448", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252, AP1262, CAP3502e and CAP3502i Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "11/15/201002/24/201105/12/201108/22/201102/23/201205/10/201203/28/201305/03/201305/16/201307/12/201302/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1448.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1448", "detail_available": true, "module_name": "Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252, AP1262, CAP3502e and CAP3502i Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet Lightweight 3502i, 3502e, 1262, 1142, 1131, 1252, and 1242 access points deliver the versatility, high capacity and enterprise class security required for small, medium and large Government indoor and outdoor wireless deployments. In FIPS 140-2 mode of operation, the Cisco APs support the IEEE 802.11a/g/n, 802.11i & 802.1x standards, IETF CAPWAP standard and are Wi-Fi Alliance certified for WPA2 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1447", "Certificate Number": "1447", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 5508 Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "11/15/201002/24/201105/12/201108/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1447.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1447", "detail_available": true, "module_name": "Cisco 5508 Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 5508 Series WLAN Controllers deliver centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WLAN Controllers support the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and support a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The Cisco WLAN Controllers support voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1446", "Certificate Number": "1446", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet Lightweight AP1522, AP1524PS and AP1524SB Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "11/15/201002/24/201105/12/201108/22/201102/23/201205/10/201203/28/201305/03/201305/16/201307/12/201302/20/201402/20/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1446.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1446", "detail_available": true, "module_name": "Cisco Aironet Lightweight AP1522, AP1524PS and AP1524SB Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet Lightweight 1522 and 1524 access points deliver the versatility, high capacity and enterprise class security required for small, medium and large Government indoor and outdoor wireless deployments. In FIPS 140-2 mode of operation, the Cisco APs support the IEEE 802.11a/g/n, 802.11i & 802.1x standards, IETF CAPWAP standard and are Wi-Fi Alliance certified for WPA2 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1445", "Certificate Number": "1445", "Vendor Name": "Quantum Corporation", "Module Name": "Scalar Key Manager", "Module Type": "Software", "Validation Date": "11/15/201012/06/201003/15/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1445.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1445", "detail_available": true, "module_name": "Scalar Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with the Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode (approved algorithms retested on listed operating environment)", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Scalar Key Manager implements a client/server interface for key administration. The user application has the client role, and the key manager has the server role. The user opens a secure connection to the key server, sends an administrative request (create a key, change a key, etc.), receives a response from the server, and the session is disconnected." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1444", "Certificate Number": "1444", "Vendor Name": "Rajant Corporation", "Module Name": "Rajant Corporation BreadCrumb ME3", "Module Type": "Hardware", "Validation Date": "11/15/201004/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1444.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1444", "detail_available": true, "module_name": "Rajant Corporation BreadCrumb ME3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and the Loctite® 425 material applied as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Rajant Corporation's BreadCrumb® ME3-24 is a rugged wireless transmitter-receiver that forms a highly mobile mesh network (using InstaMesh®) when used in conjunction with other BreadCrumb® devices. This portable wireless mesh network node supports an open-standard IEEE 802.11 b/g radio to enable data, voice and video applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1443", "Certificate Number": "1443", "Vendor Name": "Cloakware, Inc.", "Module Name": "Cloakware Security Kernel", "Module Type": "Software", "Validation Date": "11/08/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1443.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1443", "detail_available": true, "module_name": "Cloakware Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cloakware Security Kernel from Cloakware, Inc. is a module contained in a single library designed to provide cryptographic functionality within calling applications operating on multi-chip standard server platforms. This single library is linked at run-time to a C/C++ library, which can be called by host applications to provide cryptographic services. This library can also be dynamically loaded at runtime by a Java application running within a Java Virtual Machine (JVM) via Java Native Interface (JNI), providing cryptographic services to the Java application.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1442", "Certificate Number": "1442", "Vendor Name": "Imation Corp.", "Module Name": "Imation S200/D200", "Module Type": "Hardware", "Validation Date": "11/08/201012/06/201001/13/201106/01/201110/26/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1442.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1442", "detail_available": true, "module_name": "Imation S200/D200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the CD Drive are excluded from the validation.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey Secure Flash Drive includes a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA-256, SHA-1, and RNG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1441", "Certificate Number": "1441", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "11/08/201006/21/201109/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1441.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1441", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Atalla Cryptographic Subsystem (ACS) is a multi-chip embedded cryptographic module that provides secure cryptographic processing. The ACS features secure key management and storage capabilities, and also provides high performance AES processing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1440", "Certificate Number": "1440", "Vendor Name": "Nexus Wireless", "Module Name": "Nexus FIPS 140-2 Crypto Module", "Module Type": "Hardware", "Validation Date": "11/08/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1440.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1440", "detail_available": true, "module_name": "Nexus FIPS 140-2 Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Nexus FIPS140-2 Crypto Module is a single-board security module designed to conform to FIPS140-2 standards and primarily intended for use in P25 radio equipment. The module supports both KFD and KMF management implementations, including a dedicated 3-wire KFD interface. It includes a complete key storage and critical security material management function for TEK, KEK, UKEK, CKEK and KSKEK keys in non-volatile memory within the FIPS module, with protection from unauthorized disclosure or modification. The FIPS Module executes encryption and decryption of P25 Phase 1 voice and data tra" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1439", "Certificate Number": "1439", "Vendor Name": "Secure64 Software Corporation", "Module Name": "Secure64 Cryptographic Module", "Module Type": "Firmware", "Validation Date": "11/08/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1439.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1439", "detail_available": true, "module_name": "Secure64 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seals installed as indicated in the Security Policy.", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Secure64 Cryptographic Module is a firmware module designed for use only with systems based on Secure64« SourceT«, a limited operational environment running on an Intel Itanium-based server platform. The Secure64 Cryptographic Module provides cryptographic functions that can be used by applications running in this environment. Example applications include DNSSEC signing (secure DNS using digital signatures), certificate management applications, etc. Example functions include key generation, secure key storage, encryption, decryption, hashing, and digital signing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1438", "Certificate Number": "1438", "Vendor Name": "Kingston Technology, Inc.", "Module Name": "DataTraveler 6000", "Module Type": "Hardware", "Validation Date": "11/03/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1438.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1438", "detail_available": true, "module_name": "DataTraveler 6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Kingston's ultra-secure DataTraveler 6000 USB Flash drive protects sensitive data with FIPS 140-2 Level 3 validation and 256-bit AES hardware-based encryption in XTS mode. Secured by SPYRUS, DT6000 uses elliptic curve cryptography encryption algorithms (ECC) that meet the Suite B standards approved by the U.S. government. The drive features complex password protection and locks down after 10 intrusion attempts." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1437", "Certificate Number": "1437", "Vendor Name": "Ian Donnelly Systems, Inc.", "Module Name": "KEY-UP Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/03/201007/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1437.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1437", "detail_available": true, "module_name": "KEY-UP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Hardware Security Module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1436", "Certificate Number": "1436", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20 and 5580-40 Security Appliances", "Module Type": "Hardware", "Validation Date": "11/03/201005/12/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1436.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1436", "detail_available": true, "module_name": "Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20 and 5580-40 Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1435", "Certificate Number": "1435", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4402 and 4404 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "11/02/201002/24/201105/12/201108/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1435.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1435", "detail_available": true, "module_name": "Cisco 4402 and 4404 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 4400 Series WLAN Controllers deliver centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WLAN Controllers support the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and support a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The Cisco WLAN Controllers support voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1434", "Certificate Number": "1434", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "Module Type": "Hardware", "Validation Date": "11/02/201002/24/201105/12/201108/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1434.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1434", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1433", "Certificate Number": "1433", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C", "Module Type": "Software", "Validation Date": "11/02/201012/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1433.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1433", "detail_available": true, "module_name": "IBM® Crypto for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Crypto for C® v8.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable by applications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1432", "Certificate Number": "1432", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1432.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1432", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1431", "Certificate Number": "1431", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS", "Module Type": "Firmware", "Validation Date": "11/03/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1431.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1431", "detail_available": true, "module_name": "FortiOS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiOS is a firmware based operating system that runs exclusively on FortinetÆs FortiGate/FortiWiFi product family (PC-based, purpose built appliances)The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1430", "Certificate Number": "1430", "Vendor Name": "Security First Corp.", "Module Name": "SecureParser®", "Module Type": "Software", "Validation Date": "10/25/201003/15/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1430.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1430", "detail_available": true, "module_name": "SecureParser®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureParser® is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1429", "Certificate Number": "1429", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Data Processor Cryptographic Module", "Module Type": "Software", "Validation Date": "10/25/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1429.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1429", "detail_available": true, "module_name": "SecureVue Data Processor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode per the installation instructions found in the Security Policy section: Approved Mode of Operation", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Data Processor component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication and encryption/decryption between the various components via Central, Data Processor, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1428", "Certificate Number": "1428", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Data Collector Cryptographic Module", "Module Type": "Software", "Validation Date": "10/25/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1428.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1428", "detail_available": true, "module_name": "SecureVue Data Collector Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode per the installation instructions found in the Security Policy section: Approved Mode of Operation", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Data Collector component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication, encryption/decryption, and key generation between the various components via Central, Data Processor, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1427", "Certificate Number": "1427", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Agent Cryptographic Module", "Module Type": "Software", "Validation Date": "10/25/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1427.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1427", "detail_available": true, "module_name": "SecureVue Agent Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode per the installation instructions found in the Security Policy section: Approved Mode of Operation", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Agent component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication and encryption/decryption between the various components via Central, Data Processor, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1426", "Certificate Number": "1426", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Central Cryptographic Module", "Module Type": "Software", "Validation Date": "10/25/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1426.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1426", "detail_available": true, "module_name": "SecureVue Central Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode per the installation instructions found in the Security Policy section: Approved Mode of Operation", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Central component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication, encryption/decryption, and key generation between the various components via Central, Data Processor, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1425", "Certificate Number": "1425", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "10/25/201002/24/201105/12/201108/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1425.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1425", "detail_available": true, "module_name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3750G WLAN Controller delivers centralized control and high capacity for small, medium and large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco 3750G Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with WiFi Alliance certified WPA-2 security. The 3750G WLAN Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1424", "Certificate Number": "1424", "Vendor Name": "Just Rams PLC", "Module Name": "Integral 256 bit AES Drive and Integral 256 bit AES MAC Drive", "Module Type": "Hardware", "Validation Date": "10/25/201009/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1424.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1424", "detail_available": true, "module_name": "Integral 256 bit AES Drive and Integral 256 bit AES MAC Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Integral Crypto Drive offers Premium AES 256 bit security, and is the most secure and durable of all Integral USB Flash Drives. It has Brute-force password attack protection and has a 22 different language interface and zero footprint. Integral 256 bit AES Drive capacities available are 1GB, 2GB, 4GB, 8GB, 16GB, 32GB Integral 256 bit AES MAC Drive capacities available are 2GB, 4GB, 8GB, 16GB, 32GB" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1423", "Certificate Number": "1423", "Vendor Name": "Apani Networks", "Module Name": "Apani Kernel Crypto Module", "Module Type": "Software", "Validation Date": "10/25/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1423.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1423", "detail_available": true, "module_name": "Apani Kernel Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AKCM is a software library that runs on a wide variety of computing platforms and performs encryption, hashing and message authentication generation functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1422", "Certificate Number": "1422", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "CoSign", "Module Type": "Hardware", "Validation Date": "10/25/201001/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1422.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1422", "detail_available": true, "module_name": "CoSign", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1421", "Certificate Number": "1421", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper J-Series Services Routers: J2320, J2350, J4350 and J6350", "Module Type": "Hardware", "Validation Date": "10/25/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1421.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1421", "detail_available": true, "module_name": "Juniper J-Series Services Routers: J2320, J2350, J4350 and J6350", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Juniper Networks J Series Routers extend enterprise applications and deliver reliable connectivity to remote offices with a powerful blend of high-performance network protection and advanced services. J Series Services Routers leverage the modular JUNOS Software and Juniper's rich product and partner portfolio to consolidate market leading security, application optimization, and voice capabilities onto a single, easy to manage platform. Our innovate security approach inseparably integrates routing and firewalls for exceptional performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1420", "Certificate Number": "1420", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1420.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1420", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1419", "Certificate Number": "1419", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1419.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1419", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1418", "Certificate Number": "1418", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Persistent Systems Wave Relay Quad Radio Router and Man Portable Unit (Generation 2, Generation 3 \nSingle/Dual, and Generation 4)", "Module Type": "Hardware", "Validation Date": "10/05/201010/29/201004/04/201201/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1418.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1418", "detail_available": true, "module_name": "Persistent Systems Wave Relay Quad Radio Router and Man Portable Unit (Generation 2, Generation 3 Single/Dual, and Generation 4)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident material installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Wave Relay Mobile Ad Hoc Networking System provides persistent wireless network connectivity between highly mobile users in a true peer-to-peer topology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1417", "Certificate Number": "1417", "Vendor Name": "Persistent Systems, LLC", "Module Name": "Persistent Systems Wave Relay Single, Dual, and Quad Radio Board", "Module Type": "Hardware", "Validation Date": "10/05/201004/04/201201/16/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1417.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1417", "detail_available": true, "module_name": "Persistent Systems Wave Relay Single, Dual, and Quad Radio Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Wave Relay Mobile Ad Hoc Networking System provides persistent wireless network connectivity between highly mobile users in a true peer-to-peer topology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1416", "Certificate Number": "1416", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV (Type B)", "Module Type": "Hardware", "Validation Date": "10/06/201011/24/201012/21/201002/10/201107/05/201110/04/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1416.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1416", "detail_available": true, "module_name": "ID-One PIV (Type B)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 8.1", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation PIV Card addresses current & future needs of both Federal and Corporate customers with built-in support for all the cryptographic algorithms defined in SP800-78-2 including TDEA, AES, RSA, ECDSA, & ECDH with all possible key sizes as well as key history for over 20 retired decryption keys. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption, & secure post issuance management in the PIV system. Its fingerprint match-on-card has been validated in the MINEX II PIV Biometric interoperability program." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1415", "Certificate Number": "1415", "Vendor Name": "Dell Software, Inc.", "Module Name": "TZ 100, TZ 100W, TZ 200, TZ 200W, TZ 210 and TZ 210W", "Module Type": "Hardware", "Validation Date": "09/28/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1415.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1415", "detail_available": true, "module_name": "TZ 100, TZ 100W, TZ 200, TZ 200W, TZ 210 and TZ 210W", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell SonicWALL's TZ Series is a high performance security platform that combines anti-virus, anti-spyware, intrusion prevention, content filtering, 3G connectivity and redundancy with 802.11 b/g/n wireless for an ultimate SMB security package. These solutions allow remote and branch offices to easily implement network protection from a wide spectrum of emerging threats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1414", "Certificate Number": "1414", "Vendor Name": "Oberthur Technologies", "Module Name": "ID-One PIV (Type A)", "Module Type": "Hardware", "Validation Date": "09/28/201011/24/201012/21/201002/10/201107/05/201110/04/201102/22/201302/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1414.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1414", "detail_available": true, "module_name": "ID-One PIV (Type A)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 8.1", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation PIV Card addresses current and future needs of both Federal & Corporate customers with built-in support for all the cryptographic algorithms defined in SP800-78-2 including TDEA, AES, RSA, ECDSA, & ECDH with all possible key sizes as well as key history for over 20 retired decryption keys. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption, and secure post issuance management in the PIV system. Its fingerprint match-on-card has been validated in the MINEX II PIV Biometric interoperability program." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1413", "Certificate Number": "1413", "Vendor Name": "Icom Inc.", "Module Name": "UT-125 FIPS #11 and UT-125 FIPS #21 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/28/201003/11/201604/19/201707/03/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1413.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1413", "detail_available": true, "module_name": "UT-125 FIPS #11 and UT-125 FIPS #21 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys", "module_type": "Hardware", "embodiment": "Multi-Chip Embedded", "description": "The UT-125 FIPS #11 and UT-125 FIPS #21 are optional units available for Icom radios that provide secure voice and data capabilities as well as APCO OTAR and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1412", "Certificate Number": "1412", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "JUNOS-FIPS 9.3 L2 OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "09/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1412.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1412", "detail_available": true, "module_name": "JUNOS-FIPS 9.3 L2 OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated only on the specific platforms specified on the reverse. The routing engine and chassis configured with tamper evident seals installed as indicated in the Security Policy.", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "Juniper Networks M, T and MX series routing platforms are complete routing systems that support a variety of high-speed interfaces for medium/large networks and network applications and numerous routing standards. All platforms are physically self-contained, housing software, firmware, and hardware necessary for routing. The router architecture provides for streamlined forwarding and routing control and the capability to run Internet-scale networks at high speeds. They are powered by the same JUNOS software, which provides both management and control functions as well as all IP routing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1411", "Certificate Number": "1411", "Vendor Name": "Security First Corp.", "Module Name": "SecureParser®", "Module Type": "Software", "Validation Date": "11/03/201001/09/201503/13/201504/17/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1411.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1411", "detail_available": true, "module_name": "SecureParser®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureParser® is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1410", "Certificate Number": "1410", "Vendor Name": "AudioCodes", "Module Name": "BS-500", "Module Type": "Hardware", "Validation Date": "09/23/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1410.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1410", "detail_available": true, "module_name": "BS-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Voice-over-IP media gateway" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1409", "Certificate Number": "1409", "Vendor Name": "Open Text Corporation", "Module Name": "Open Text Cryptographic Module", "Module Type": "Software", "Validation Date": "09/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1409.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1409", "detail_available": true, "module_name": "Open Text Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Open Text Cryptographic Module is a library which provides encryption and decryption services to Hummingbird Connectivity software during SSL or SSH connections. The Open Text Cryptographic Module is used in Exceed, a windows-based X11 server, NFS Maestro, a suite of NFS clients and servers, HostExplorer, a desktop and web-based terminal emulation suite and Connectivity Secure Shell, an implementation of the Secure Shell 2 protocol." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1408", "Certificate Number": "1408", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "Aladdin eToken NG-FLASH (Java) [1], Aladdin eToken NG-FLASH Anywhere [1] and Aladdin eToken NG-OTP (Java) [2]", "Module Type": "Hardware", "Validation Date": "09/15/201010/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1408.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1408", "detail_available": true, "module_name": "Aladdin eToken NG-FLASH (Java) [1], Aladdin eToken NG-FLASH Anywhere [1] and Aladdin eToken NG-OTP (Java) [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aladdin eToken NG-FLASH (Java) and Aladdin eToken NG-OTP (Java) offer strong authentication and guaranteed non-repudiation for sensitive applications such as eBanking, stock trading, eCommerce and financial transactions. The modules are based on the Athena IDProtect Java Card smart card operating system that is compliant with the Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 for physical security). IDProtect supports FIPS Approved Random Number Generation, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits including on board key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1407", "Certificate Number": "1407", "Vendor Name": "G4S Technology Limited", "Module Name": "Symmetry Cryptographic Module", "Module Type": "Software", "Validation Date": "09/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1407.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1407", "detail_available": true, "module_name": "Symmetry Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symmetry Cryptographic Module provides AES 256 bit encryption functionality to enable a client application to provide a secure channel for transmission of data across a network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1406", "Certificate Number": "1406", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiAnalyzer", "Module Type": "Firmware", "Validation Date": "09/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1406.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1406", "detail_available": true, "module_name": "FortiAnalyzer", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of customizable reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1405", "Certificate Number": "1405", "Vendor Name": "EgoSecure GmbH", "Module Name": "EgoSecure Full Disk Encryption (FDE) Cryptographic Module", "Module Type": "Software", "Validation Date": "10/07/201006/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1405.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1405", "detail_available": true, "module_name": "EgoSecure Full Disk Encryption (FDE) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "EgoSecure’s Full Disk Encryption (FDE) software-only product provides sector-by-sector Full Disk Encryption services to the General Purpose Computer (GPC) with hardening Pre-Boot Authentication (PBA) capabilities. The software is able to prevent all unauthorized access to user data including the operating system with varying degrees of security depending on customer preference. The EgoSecure Full Disk Encryption (FDE) cryptographic module is the core underlying component providing cryptographic functionalities for the software in all aspects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1404", "Certificate Number": "1404", "Vendor Name": "Dell Software, Inc.", "Module Name": "SRA EX6000 and SRA EX7000", "Module Type": "Hardware", "Validation Date": "09/15/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1404.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1404", "detail_available": true, "module_name": "SRA EX6000 and SRA EX7000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Built on Aventail's powerful, proven SSL VPN platform, the Dell SonicWALL Aventail SRA EX6000 and SRA EX7000 appliances provide granular access control for any type of remote access by first detecting the identity and the security of the end point, protecting applications with granular policy based on who the user is and the trust established for the end point used for access, and then connecting authorized employees and business partners effortlessly from a broad range of cross-platform devices only to authorized resources." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1403", "Certificate Number": "1403", "Vendor Name": "Hewlett-Packard Company", "Module Name": "HP OpenCall HLR Cryptographic Module", "Module Type": "Software", "Validation Date": "09/15/201003/28/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1403.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1403", "detail_available": true, "module_name": "HP OpenCall HLR Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The HP OpenCall HLR Cryptographic Module provides cryptographic services that allows the HP OpenCall HLR to protect sensitive application and subscriber data at rest and during transit.", "algorithms": [ "AES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1402", "Certificate Number": "1402", "Vendor Name": "IBM Internet Security Systems, Inc.", "Module Name": "SiteProtector Cryptographic Module", "Module Type": "Software", "Validation Date": "09/15/201012/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1402.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1402", "detail_available": true, "module_name": "SiteProtector Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM Proventia® Management SiteProtectorTM system is a security management system that provides centralized command and control, analysis, reporting and workflow for all ISS IBM Protection devices and select third-party security solutions including network IPS, Network Multi-Function, Server, Endpoint, Vulnerability Assessment, Application Assessment, and DLP. All of these IBM ISS security components have a common update and policy management system as well. The SiteProtector system provides an in-depth security event analysis capability that is specific to the needs of security analysts.", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1401", "Certificate Number": "1401", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiOS", "Module Type": "Firmware", "Validation Date": "09/10/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1401.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1401", "detail_available": true, "module_name": "FortiOS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The FortiOS is a firmware based operating system that runs exclusively on FortinetÆs FortiGate/FortiWiFi product family (PC-based, purpose built appliances)The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1400", "Certificate Number": "1400", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 2400", "Module Type": "Hardware", "Validation Date": "08/30/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1400.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1400", "detail_available": true, "module_name": "NSA 2400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1399", "Certificate Number": "1399", "Vendor Name": "LifeSize Communications, Inc.", "Module Name": "Cryptographic Security Kernel", "Module Type": "Software", "Validation Date": "08/30/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1399.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1399", "detail_available": true, "module_name": "Cryptographic Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "The LifeSize Room, Team, and Express product lines employ the LifeSize Cryptographic Security Kernel to provide the cryptographic functionality necessary to secure high-definition audio and video conference communications.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1398", "Certificate Number": "1398", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 240", "Module Type": "Hardware", "Validation Date": "08/30/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1398.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1398", "detail_available": true, "module_name": "NSA 240", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1397", "Certificate Number": "1397", "Vendor Name": "Imation Corp.", "Module Name": "Imation Secure Flash Drive", "Module Type": "Hardware", "Validation Date": "08/30/201010/26/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1397.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1397", "detail_available": true, "module_name": "Imation Secure Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the internal CD Drive are excluded from validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey Secure Flash Drive has been designed to be the world's most secure flash drive. The onboard AES, RSA, SHA, and RNG engines deliver the gold standard in data and identity protection for consumers, enterprises, and government users alike. For more information, visit https://www.ironkey.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1396", "Certificate Number": "1396", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiMail OS", "Module Type": "Firmware", "Validation Date": "08/30/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1396.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1396", "detail_available": true, "module_name": "FortiMail OS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "FortiMail OS is a firmware based operating system that runs exclusively on Fortinet's FortiMail product family (PC-based, purpose built appliances). FortiMail offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1395", "Certificate Number": "1395", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCM Key Export (KE) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/18/201009/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1395.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1395", "detail_available": true, "module_name": "Luna® PCM Key Export (KE) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna PCM cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services. Access to key material and cryptographic services for users and user application software is provided indirectly through the host appliance.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1394", "Certificate Number": "1394", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYRUS FIPS Sector-based Encryption Module", "Module Type": "Hardware", "Validation Date": "08/18/201009/07/201003/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1394.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1394", "detail_available": true, "module_name": "SPYRUS FIPS Sector-based Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SPYRUS FIPS Sector-based Encryption Module provides hardware-based, sector by sector full disk encryption providing the protective military strength of the U. S. Government's Suite B algorithm standards, including AES, ECDSA, SHA-2, and EC-DH. The USB encryption device comes with an easy to use, user-friendly interface that operates on the Microsoft Windows operating systems, Linux, and MAC without installing any drivers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1393", "Certificate Number": "1393", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "08/18/201009/13/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1393.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1393", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), and Canda Post Indicia. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1392", "Certificate Number": "1392", "Vendor Name": "Doremi Labs", "Module Name": "Dolphin DCI 1.2", "Module Type": "Hardware", "Validation Date": "08/12/201006/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1392.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1392", "detail_available": true, "module_name": "Dolphin DCI 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Dolphin DCI 1.2 is a PCI-card that provides a standard definition/high definition serial digital interface. This is a Doremi decoder hardware card that contains a JPEG-2000 decoder hardware and BNC serial digital interface connectors used in Doremi Digital Cinema Servers like the DCP-2000. The Dolphin DCI 1.2 utilizes a dual-link encoded serial digital interface for output of DCI compliant resolutions up to 2040x1080p24 (2K-film). It can also operate single link for lower resolution material (i.e. trailers, advertisement, etc.)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1391", "Certificate Number": "1391", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Ethernet Encryptor, Branch Office", "Module Type": "Hardware", "Validation Date": "08/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1391.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1391", "detail_available": true, "module_name": "SafeNet Ethernet Encryptor, Branch Office", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Ethernet Encryptor Branch Office provides data privacy and access control for connections between vulnerable public and private networks. It employs a FIPS-approved AES algorithm and can be deployed in 10 Megabit Ethernet networks. The encryptor can be centrally controlled or managed across multiple remote stations using SafeNet's Security Management Center (SMC), a SNMPv3-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1390", "Certificate Number": "1390", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASR 1002f, ASR 1002 with ESP5 or ESP10, ASR 1004 with RP 1 or RP 2 and ESP10 or ESP20, and ASR 1006 with dual RP 1 or dual RP 2 and dual ESP10 or dual ESP20", "Module Type": "Hardware", "Validation Date": "08/12/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1390.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1390", "detail_available": true, "module_name": "Cisco ASR 1002f, ASR 1002 with ESP5 or ESP10, ASR 1004 with RP 1 or RP 2 and ESP10 or ESP20, and ASR 1006 with dual RP 1 or dual RP 2 and dual ESP10 or dual ESP20", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco has reinvented edge routing with the Cisco ASR 1000 Series Aggregation Services Routers. The ASR 1000 Series consists of three different versions: the ASR 1002, the ASR 1004, and the ASR 1006 Router. All three models use the innovative and powerful Cisco QuantumFlow Processor, which provides a huge leap in performance and resiliency for network processors. The Cisco ASR 1000 delivers multiple services embedded in the Cisco QuantumFlow Processor at wire speeds of up to 20 Gbps. The ASR 1000 architecture supports both software redundancy and hardware redundancy (ASR 1006) capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1389", "Certificate Number": "1389", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® z/OS® Version 1 Release 10 System SSL Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "08/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1389.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1389", "detail_available": true, "module_name": "IBM® z/OS® Version 1 Release 10 System SSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "System SSL is a set of generic services provided in z/OS® to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS® to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS® to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1388", "Certificate Number": "1388", "Vendor Name": "Seagate Technology LLC", "Module Name": "Momentus® FDE Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "08/12/201001/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1388.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1388", "detail_available": true, "module_name": "Momentus® FDE Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Momentus® FDE Drives, FIPS 140 Modules are FIPS 140-2 Level 2 modules which provide full disk encryption with user authentication These products are designed to prevent data breaches due to loss or theft on the road, in the office. The cryptographic module provides a wide range of cryptographic services using FIPS approved algorithms in two FIPS-Approved modes: ATA Enhanced Security Mode and DriveTrust Security Mode. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, and authenticated FW download." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1387", "Certificate Number": "1387", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 Kernel Crypto API Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1387.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1387", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 Kernel Crypto API Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. This module contains the embedded module Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #815 (Approved algorithms retested on listed operating environment) operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs is automatically verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 5 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1386", "Certificate Number": "1386", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1386.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1386", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9 of the provided Security Policy. This module contains the embedded modules Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode and the Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #815 (Approved algorithms retested on listed operating environment) operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs is automatically verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1385", "Certificate Number": "1385", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 OpenSSH Client Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/201009/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1385.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1385", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 OpenSSH Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.)", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 5.4 or RHEL 5.8. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1384", "Certificate Number": "1384", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 OpenSSH-Server Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/201009/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1384.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1384", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 OpenSSH-Server Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSH server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 5.4 or RHEL 5.8. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1383", "Certificate Number": "1383", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "JUNOS-FIPS 9.3 OS Cryptographic Module", "Module Type": "Firmware", "Validation Date": "09/13/201010/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1383.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1383", "detail_available": true, "module_name": "JUNOS-FIPS 9.3 OS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "Juniper Networks M7i and M10i routing platforms are complete routing systems that support a variety of high-speed interfaces for medium/large networks and network applications and numerous routing standards. All platforms are physically self-contained, housing software, firmware, and hardware necessary for routing. The router architecture provides for streamlined forwarding and routing control and the capability to run Internet-scale networks at high speeds. They are powered by the same JUNOS software which provides both management and control functions as well as all IP routing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1382", "Certificate Number": "1382", "Vendor Name": "ViaSat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/12/201010/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1382.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1382", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "The tamper evident seal installed as indicated in the Security Policy for the optional ESEM feature", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ViaSat Enhanced Bandwidth Efficient Modem (EBEM-500) series Satcom Modem provides the latest in efficient modulation and coding for point-to-point Satcom connections. The EBEM-500 series offers embedded encryption, integrating the security functions into the modem to provide an integrated secure Satcom modem product. The EBEM-500 series is backward compatible with a wide range of legacy Satcom modems currently in use and supports the new improved efficiency modulation and coding. The EBEM-500 series supports user base-band data rates from 64 kbps up to 155.52 Mbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1381", "Certificate Number": "1381", "Vendor Name": "Accellion, Inc.", "Module Name": "Accellion Secure File Transfer Cryptographic Module", "Module Type": "Software", "Validation Date": "08/12/2010", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1381.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1381", "detail_available": true, "module_name": "Accellion Secure File Transfer Cryptographic Module", "standard": "FIPS 140-2", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Accellion Secure File Transfer Cryptographic Module is a key component of Accellion's secure file transfer solution. This solution enables enterprises to securely transfer large files. It helps eliminate FTP servers and offload file attachments from email resulting in improved email performance and reduced email storage. Extensive tracking and reporting tools are provided to demonstrate compliance with SOX, HIPAA, FDA and GLB regulations. The Accellion solution provide the highest level of security and ease of use of any enterprise file transfer solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1380", "Certificate Number": "1380", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1380.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1380", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureDoc® Disk Cryptographic Engine provides cryptographic services and key management for the SecureDoc« Disk Encryption products employing PKCS-11 cryptographic token standard. SecureDoc® software delivers full disk encryption and other data protection solutions for General Purpose Computers, laptops and removable media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1379", "Certificate Number": "1379", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1379.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1379", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureDoc® Cryptographic Engine provides cryptographic services and key management for the SecureDoc« Disk Encryption products employing PKCS-11 cryptographic token standard. SecureDoc® software delivers full disk encryption and other data protection solutions for General Purpose Computers, laptops and removable media." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1378", "Certificate Number": "1378", "Vendor Name": "IBM® Corporation", "Module Name": "IBM System Storage TS1130 Tape Drive - Machine Type 3592, Model E06", "Module Type": "Hardware", "Validation Date": "08/03/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1378.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1378", "detail_available": true, "module_name": "IBM System Storage TS1130 Tape Drive - Machine Type 3592, Model E06", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The TS1130 / 3592 E06 Tape Drive provides full line speed, fully validated, hardware implemented, AES 256-bit encryption and compression of customer data recorded to tape. It ensures data confidentiality in the event of a lost tape while also supporting additional cryptographic functions for authentication and secure transfer of key material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1377", "Certificate Number": "1377", "Vendor Name": "GDC Technology (USA), LLC", "Module Name": "DCI Board", "Module Type": "Hardware", "Validation Date": "08/03/201005/11/201112/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1377.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1377", "detail_available": true, "module_name": "DCI Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "A digital cinema media block designed to be compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management, ASM communications and logging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1376", "Certificate Number": "1376", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "CAT862 Dolby® JPEG 2000/MPEG-2 Media Block IDC", "Module Type": "Hardware", "Validation Date": "07/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1376.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1376", "detail_available": true, "module_name": "CAT862 Dolby® JPEG 2000/MPEG-2 Media Block IDC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CAT862 Dolby® JPEG2000/MPEG2 Media Block IDC performs all the cryptography, license management, and video decoding functions for the DSS200 Dolby Screen Server, which forms the nucleus of the Dolby Digital Cinema system. The system offers superb picture quality and outstanding reliability. It includes support for JPEG 2000 playback, as specified by DCI, and MPEG-2 for compatibility with alternative content such as preshow advertising. The system also meets DCI specifications for security, data rate, storage capacity, and redundancy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1375", "Certificate Number": "1375", "Vendor Name": "VT iDirect, Inc.", "Module Name": "Evolution® e8350 Satellite Router [1], iNFINITI® 7350 Satellite Router [2], iNFINITI® iConnex 700 Satellite Router [3], Evolution® iConnex e800 Satellite Router [4], iNFINITI® M1D1-T Line Card [5], iNFINITI® M1D1-T Line Card w/ 10 MHz [6] and iNFINITI® M1D1-T-IND Line Card [7]", "Module Type": "Hardware", "Validation Date": "07/22/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1375.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1375", "detail_available": true, "module_name": "Evolution® e8350 Satellite Router [1], iNFINITI® 7350 Satellite Router [2], iNFINITI® iConnex 700 Satellite Router [3], Evolution® iConnex e800 Satellite Router [4], iNFINITI® M1D1-T Line Card [5], iNFINITI® M1D1-T Line Card w/ 10 MHz [6] and iNFINITI® M1D1-T-IND Line Card [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "iDirect's AES-based bidirectional link encryption, combined with other system features such as cutting-edge coding techniques, acceleration and compression provides a fully integrated IP networking solution where security, performance and bandwidth efficiency are critical." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1374", "Certificate Number": "1374", "Vendor Name": "AccessData Corp", "Module Name": "AccessData Secure Network Communications FIPS 140-2 Module", "Module Type": "Software", "Validation Date": "08/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1374.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1374", "detail_available": true, "module_name": "AccessData Secure Network Communications FIPS 140-2 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This module contains the embedded module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #918 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AccessData Secure Network Communications FIPS 140-2 Object Module is a cryptographic module that operates as a multi-chip component library positioned between the FIPS 140-2 validated OpenSSL FIPS Object Module version 1.1.2 API and a host application. The AccessData Secure Network Communications module provides to any AccessData application that incorporates it, electronic encryption designed to prevent unauthorized access to data transferred across a physical or wireless TCP/IP network.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1373", "Certificate Number": "1373", "Vendor Name": "Riverbed Technology, Inc.", "Module Name": "Steelhead 250 and Steelhead 550 Appliances", "Module Type": "Hardware", "Validation Date": "07/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1373.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1373", "detail_available": true, "module_name": "Steelhead 250 and Steelhead 550 Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with tamper evident seals and security panels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Steelhead family of appliances provides application acceleration and accelerated data transfer over a wide area network (WAN), overcoming bandwidth and geographical limitations to improve productivity and enable global collaboration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1372", "Certificate Number": "1372", "Vendor Name": "KoolSpan, Inc.", "Module Name": "KoolSpan TrustChip Developer Kit (TDK) Cryptographic Library", "Module Type": "Software", "Validation Date": "07/21/201004/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1372.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1372", "detail_available": true, "module_name": "KoolSpan TrustChip Developer Kit (TDK) Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The KoolSpan TrustChip® Developer Kit (TDK) Cryptographic Library provides cross-platform cryptographic security functions for application developers to integrate cryptographic services into a library, application, or system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1371", "Certificate Number": "1371", "Vendor Name": "FalconStor Software, Inc.", "Module Name": "FalconStor Cryptographic Module", "Module Type": "Software", "Validation Date": "07/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1371.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1371", "detail_available": true, "module_name": "FalconStor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cryptographic Library for Authentication and Encryption Implementations for All FalconStor Software Products" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1370", "Certificate Number": "1370", "Vendor Name": "Firetide, Inc.", "Module Name": "HotPort 7000-Series Wireless Mesh Nodes: HotPort 7100 and HotPort 7200", "Module Type": "Hardware", "Validation Date": "07/21/201007/05/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1370.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1370", "detail_available": true, "module_name": "HotPort 7000-Series Wireless Mesh Nodes: HotPort 7100 and HotPort 7200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Firetide HotPort 7100 indoor and HotPort 7200 are dual radio mimo mesh nodes that provide wireless backhaul infrastructure, bandwidth needed to expand the reach of the existing networks, and other wireless capabilities for defence, municipal, industrial, and enterprise users, while adding a variety of fixed and mobile applications; city-wide video surveillance, traffic management, and intelligent transportation systems, infrastructure access for mobile city workers, and wireless broadband for underserved areas." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1369", "Certificate Number": "1369", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL 1600-NFBE HSM Family", "Module Type": "Hardware", "Validation Date": "07/21/201012/06/201012/27/201207/24/201401/11/201703/29/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1369.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1369", "detail_available": true, "module_name": "NITROX XL 1600-NFBE HSM Family", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The NITROX XL 1600-NFBE HSM adapter family delivers the worldÆs fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1368", "Certificate Number": "1368", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Encryptor, Model 650", "Module Type": "Hardware", "Validation Date": "07/21/201009/07/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1368.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1368", "detail_available": true, "module_name": "SafeNet Encryptor, Model 650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks or 10G Ethernet networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network or 10G Ethernet network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1367", "Certificate Number": "1367", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Encryptor, Model 600", "Module Type": "Hardware", "Validation Date": "07/21/201008/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1367.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1367", "detail_available": true, "module_name": "SafeNet Encryptor, Model 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter i and x designations", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH or Ethernet networks. It employs FIPS approved AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in SONET 155 MB (OC-3), 622 MB (OC-12), 1.0 GB, and 2.4 GB (OC-48) networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1366", "Certificate Number": "1366", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark PrintCryption", "Module Type": "Firmware", "Validation Date": "07/21/201008/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1366.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1366", "detail_available": true, "module_name": "Lexmark PrintCryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "Requires Option P/N 30G0829 to enable the PrintCryption firmware.", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Lexmark PrintCryption is an option for the Lexmark printers that enables the transfer and printing of encrypted print jobs. With the PrintCryption module installed, the printer is capable of decrypting print jobs encrypted with the AES (FIPS 197) algorithm. The Lexmark PrintCryption analyzes the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the confidential document to be printed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1365", "Certificate Number": "1365", "Vendor Name": "ProStor Systems, Inc.", "Module Name": "InfiniVault Server", "Module Type": "Hardware", "Validation Date": "07/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1365.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1365", "detail_available": true, "module_name": "InfiniVault Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the embedded module Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1012 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "InfiniVault Server is part of a hardware Network Attached Storage device running on a Windows Storage Server 2003 R2 x64 SP2 OS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1364", "Certificate Number": "1364", "Vendor Name": "Marvell Semiconductor, Inc.", "Module Name": "Solaris 2", "Module Type": "Hardware", "Validation Date": "07/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1364.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1364", "detail_available": true, "module_name": "Solaris 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Solaris 2 is a highly integrated and custom System-on-Chip (SOC) product, customized for high performance hard disk drives. It employs the latest read/write channel technology with advanced detection and correction capabilities suitable for high density drives. Its unique all-in-one security design features enable an efficient and secure implementation of the full drive encryption (FDE) functions that support Trusted Computing Group (TCG) based access control, authentication and FDE key management. FIPS-Approved algorithms supported include AES, SHA, HMAC, RSA and RNG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1362", "Certificate Number": "1362", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "ASTRO PDEG Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "07/12/201005/12/201101/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1362.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1362", "detail_available": true, "module_name": "ASTRO PDEG Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ASTRO PDEG MACE provides secure key management and data encryption for the Astro System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1361", "Certificate Number": "1361", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL CN15xx-NFBE FIPS Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1361.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1361", "detail_available": true, "module_name": "NITROX XL CN15xx-NFBE FIPS Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cavium Nitrox XL NFBE FIPS Cryptographic Modules are a cryptographic component of the Nitrox XL NFBE cryptographic acceleration boards that provide cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1360", "Certificate Number": "1360", "Vendor Name": "Cavium Networks", "Module Name": "NITROX XL CN15xx-NFBE FIPS Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1360.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1360", "detail_available": true, "module_name": "NITROX XL CN15xx-NFBE FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cavium Nitrox XL NFBE FIPS Cryptographic Modules are a cryptographic component of the Nitrox XL NFBE cryptographic acceleration boards that provide cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1359", "Certificate Number": "1359", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto CDC Module for MEAP", "Module Type": "Software", "Validation Date": "07/12/201009/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1359.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1359", "detail_available": true, "module_name": "RSA BSAFE® Crypto CDC Module for MEAP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS140_MODE or FIPS140_SSL_MODE", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE TLS-J ME security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1358", "Certificate Number": "1358", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto CDC Module", "Module Type": "Software", "Validation Date": "07/12/201009/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1358.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1358", "detail_available": true, "module_name": "RSA BSAFE® Crypto CDC Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS140_MODE or FIPS140_SSL_MODE", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE TLS-J ME security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1357", "Certificate Number": "1357", "Vendor Name": "Unisys Corporation", "Module Name": "Unisys OS 2200 Cryptographic Library", "Module Type": "Software", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1357.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1357", "detail_available": true, "module_name": "Unisys OS 2200 Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Unisys OS 2200 Cryptographic Library provides Unisys OS 2200 programs with access to FIPS-approved cryptographic services.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1356", "Certificate Number": "1356", "Vendor Name": "Texas Instruments", "Module Name": "DLP Cinema®, Series 2 Enigma Link Decryptor", "Module Type": "Hardware", "Validation Date": "07/12/201008/12/201001/13/201112/07/201111/30/201204/11/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1356.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1356", "detail_available": true, "module_name": "DLP Cinema®, Series 2 Enigma Link Decryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Texas Instruments Enigma Cryptographic Module is a multi-chip embedded cryptographic module designed to protect digital movie content in accordance with Digital Cinema Initiatives V1.2. The Enigma is a Link Decryptor module designed to reside within a host cinema projector." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1355", "Certificate Number": "1355", "Vendor Name": "Schneider Electric", "Module Name": "Continuum Network Security Module", "Module Type": "Firmware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1355.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1355", "detail_available": true, "module_name": "Continuum Network Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated only on the specific platforms specified", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Continuum Network Security module is part of the NetController II or ACX Series of controllers to provide the most secure method of communications amongst peer controllers and Cyberstation Workstations on the Ethernet/IP network by providing FIPS 140-2 certified encryption algorithms that are used by the IPSec/IKE protocol built into these controllers to automate building operations for HVAC, Lighting, and Physical Access Control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1354", "Certificate Number": "1354", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 3000 and Luna® PCI 7000 Cryptographic Modules, V3.0", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1354.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1354", "detail_available": true, "module_name": "Luna® PCI 3000 and Luna® PCI 7000 Cryptographic Modules, V3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna® PCI is a family of high-security cryptographic PCI accelerator cards (the same cards that power the acclaimed Luna½ SA Network HSM). Luna PCI offers dedicated hardware-based key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware-secured key generation, storage, secure key backup, and accelerated encryption", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1353", "Certificate Number": "1353", "Vendor Name": "AirMagnet, Inc.", "Module Name": "SmartEdge Sensor A5200, A5205, A5220 and A5225", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1353.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1353", "detail_available": true, "module_name": "SmartEdge Sensor A5200, A5205, A5220 and A5225", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SmartEdge Sensor is equipped with patent pending AirWISE Analytical Engine that, in real time, monitors and analyzes the security, performance, and reliability of the wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1352", "Certificate Number": "1352", "Vendor Name": "Telephonics Corp.", "Module Name": "TruLink Control Logic Module CL6792-M1", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1352.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1352", "detail_available": true, "module_name": "TruLink Control Logic Module CL6792-M1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1351", "Certificate Number": "1351", "Vendor Name": "Telephonics Corp.", "Module Name": "TruLink Control Logic Module CL6882-M1", "Module Type": "Hardware", "Validation Date": "07/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1351.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1351", "detail_available": true, "module_name": "TruLink Control Logic Module CL6882-M1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1350", "Certificate Number": "1350", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e 3000, Luna® PCI-e 3000 Short-Form Factor (SFF), Luna® PCI-e 7000 and Luna® PCI-e 7000 SFF Cryptographic Modules, V3.0", "Module Type": "Hardware", "Validation Date": "07/12/201007/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1350.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1350", "detail_available": true, "module_name": "Luna® PCI-e 3000, Luna® PCI-e 3000 Short-Form Factor (SFF), Luna® PCI-e 7000 and Luna® PCI-e 7000 SFF Cryptographic Modules, V3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "For maximum security, Luna PCI-E offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high security design ensures the integrity and protection of encryption keys throughout their life cycle. Luna PCI-E provides hardware secure key generation, storage, secure key backup and accelerated encryption in a range of models and configurations, offering a wide selection of security, performance and operational capabilities. The PCI Express bus on Luna PCI-E easily plugs into the host computer and provides reliable protection for data, applications, and dig", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1349", "Certificate Number": "1349", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI-e 3000, Luna® PCI-e 3000 Short-Form Factor (SFF), Luna® PCI-e 7000 and Luna® PCI-e 7000 SFF Cryptographic Modules, V3.0", "Module Type": "Hardware", "Validation Date": "07/12/201007/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1349.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1349", "detail_available": true, "module_name": "Luna® PCI-e 3000, Luna® PCI-e 3000 Short-Form Factor (SFF), Luna® PCI-e 7000 and Luna® PCI-e 7000 SFF Cryptographic Modules, V3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "For maximum security, Luna PCI-E offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high security design ensures the integrity and protection of encryption keys throughout their life cycle. Luna PCI-E provides hardware secure key generation, storage, secure key backup and accelerated encryption in a range of models and configurations, offering a wide selection of security, performance and operational capabilities. The PCI Express bus on Luna PCI-E easily plugs into the host computer and provides reliable protection for data, applications, and dig", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1348", "Certificate Number": "1348", "Vendor Name": "Motorola, Inc.", "Module Name": "Wireless Access Point AP-7131N-44040-FGR, AP-7131N-44040-FWW, AP-7131N-44040-FIL, AP-7131N-66040-FGR, AP-7131N-66040-FWW and AP-7131N-66040-FIL", "Module Type": "Hardware", "Validation Date": "06/22/201009/15/201007/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1348.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1348", "detail_available": true, "module_name": "Wireless Access Point AP-7131N-44040-FGR, AP-7131N-44040-FWW, AP-7131N-44040-FIL, AP-7131N-66040-FGR, AP-7131N-66040-FWW and AP-7131N-66040-FIL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AP-7131 802.11 Wireless Access Point delivers the throughput, coverage and resiliency required to build an all-wireless enterprise. The dual-radio design provides simultaneous support for high-speed wireless voice and data services, self-healing mesh networking and non-data applications such as Motorola''s Wireless IPS" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1347", "Certificate Number": "1347", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI 3000 and Luna® PCI 7000 Cryptographic Modules, V3.0", "Module Type": "Hardware", "Validation Date": "06/22/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1347.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1347", "detail_available": true, "module_name": "Luna® PCI 3000 and Luna® PCI 7000 Cryptographic Modules, V3.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna® PCI is a family of high-security cryptographic PCI accelerator cards (the same cards that power the acclaimed Luna+ SA Network HSM). Luna PCI offers dedicated hardware-based key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware-secured key generation, storage, secure key backup, and accelerated encryption", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1346", "Certificate Number": "1346", "Vendor Name": "Tripwire, Inc.", "Module Name": "Tripwire Cryptographic Module", "Module Type": "Software", "Validation Date": "06/22/201007/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1346.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1346", "detail_available": true, "module_name": "Tripwire Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Tripwire Cryptographic Module supports many FIPS approved cryptographic operations, providing other Tripwire products and Java-based applications access to these algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1345", "Certificate Number": "1345", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 S", "Module Type": "Hardware", "Validation Date": "07/01/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1345.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1345", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network SecurityManagement system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1344", "Certificate Number": "1344", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-8000 P", "Module Type": "Hardware", "Validation Date": "06/22/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1344.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1344", "detail_available": true, "module_name": "Network Security Platform Sensor M-8000 P", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network SecurityManagement system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1343", "Certificate Number": "1343", "Vendor Name": "AudioCodes", "Module Name": "Media Pack Family MP-112 [1] and MP-124 [2]", "Module Type": "Hardware", "Validation Date": "06/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1343.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1343", "detail_available": true, "module_name": "Media Pack Family MP-112 [1] and MP-124 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Voice-over-IP media gateway" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1342", "Certificate Number": "1342", "Vendor Name": "AudioCodes", "Module Name": "Trunk Pack Module TPM-6300 D6 [1] and TPM-6300 D21 [2]", "Module Type": "Hardware", "Validation Date": "06/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1342.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1342", "detail_available": true, "module_name": "Trunk Pack Module TPM-6300 D6 [1] and TPM-6300 D21 [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Voice-over-IP media gateway" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1341", "Certificate Number": "1341", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HICOS PKI Smart Card Chip", "Module Type": "Hardware", "Validation Date": "06/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1341.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1341", "detail_available": true, "module_name": "HICOS PKI Smart Card Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HICOS PKI Smart Card Chip module is a single chip implementation of a cryptographic module. The HICOS PKI Smart Card Chip module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HICOS PKI Smart Card Chip cryptographic module contains an implementation of the Open Platform (OP) Version 2.1.1 specification defining a secure infrastructure for post-issuance programmable smart card chips." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1340", "Certificate Number": "1340", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Cryptographic Environment (ACCE) 2", "Module Type": "Hardware", "Validation Date": "06/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1340.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1340", "detail_available": true, "module_name": "Advanced Configurable Cryptographic Environment (ACCE) 2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Advanced Configurable Cryptographic Environment (ACCE) 2 crypto module offers the next generation security platform for managing cryptographic keys and protecting sensitive applications. The (ACCE) 2 crypto module is a hardware security module (HSM) designed for managing mission critical applications that demand maximum security. It is ideally suited for companies that need secure key management for certification authorities, registration authorities, OCSP responders, smart card issuers, web servers and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339", "Certificate Number": "1339", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 BitLocker™ Drive Encryption", "Module Type": "Software", "Validation Date": "11/15/201003/28/201106/01/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1339.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339", "detail_available": true, "module_name": "Windows Server 2008 R2 BitLocker™ Drive Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Boot Manager (bootmgr) (Cert. #1321), Windows Server 2008 R2 Winload OS Loader (winload.exe) (Cert. #1333), Windows Server 2008 R2 Code Integrity (ci.dll) (Cert. #1334), Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) (Cert. #1335) and Microsoft Windows Server 2008 R2 Cryptographic Primitives Library (bcryptprimitives.dll) (Cert. #1336) all validated under FIPS 140-2 and all operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Windows BitLocker Drive Encryption is a data protection feature available in Windows Server 2008 R2. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338", "Certificate Number": "1338", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "08/12/201006/01/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1338.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338", "detail_available": true, "module_name": "Windows Server 2008 R2 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1334 operating in FIPS mode and Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1335 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337", "Certificate Number": "1337", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "08/19/201006/01/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1337.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337", "detail_available": true, "module_name": "Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1334 operating in FIPS mode and Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1335 operating in FIPS mode.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336", "Certificate Number": "1336", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Server 2008 R2 Cryptographic Primitives Library (bcryptprimitives.dll)", "Module Type": "Software", "Validation Date": "08/12/201006/01/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1336.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336", "detail_available": true, "module_name": "Microsoft Windows Server 2008 R2 Cryptographic Primitives Library (bcryptprimitives.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1334 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows components and applications running on Windows. The cryptographic module, bcryptprimitives.dll, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335", "Certificate Number": "1335", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys)", "Module Type": "Software", "Validation Date": "08/12/201006/01/201106/21/201102/09/201201/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1335.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335", "detail_available": true, "module_name": "Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CNG.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Server 2008 R2 kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1334", "Certificate Number": "1334", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 Code Integrity (ci.dll)", "Module Type": "Software", "Validation Date": "06/15/201006/01/201106/21/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1334.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1334", "detail_available": true, "module_name": "Windows Server 2008 R2 Code Integrity (ci.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333", "Certificate Number": "1333", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 Winload OS Loader (winload.exe)", "Module Type": "Software", "Validation Date": "06/15/201006/01/201106/21/201110/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1333.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333", "detail_available": true, "module_name": "Windows Server 2008 R2 Winload OS Loader (winload.exe)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 R2 Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #1321 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332", "Certificate Number": "1332", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 BitLocker™ Drive Encryption", "Module Type": "Software", "Validation Date": "11/15/201003/28/201106/01/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332", "detail_available": true, "module_name": "Windows 7 BitLocker™ Drive Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Boot Manager (bootmgr) (Cert. #1319), Windows 7 Winload OS Loader (winload.exe) (Cert. #1326), Windows 7 Code Integrity (ci.dll) (Cert. #1327), Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) (Cert. #1328) and Microsoft Windows 7 Cryptographic Primitives Library (bcryptprimitives.dll) (Cert. #1329) all validated under FIPS 140-2 and all operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Windows BitLocker Drive Encryption is a data protection feature available in Windows 7 Enterprise and Windows 7 Ultimate for client computers. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331", "Certificate Number": "1331", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "08/12/201006/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1331.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331", "detail_available": true, "module_name": "Windows 7 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1327 operating in FIPS mode and Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1328 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330", "Certificate Number": "1330", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "08/18/201006/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1330.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330", "detail_available": true, "module_name": "Windows 7 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1327 operating in FIPS mode and Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1328 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329", "Certificate Number": "1329", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 7 Cryptographic Primitives Library (bcryptprimitives.dll)", "Module Type": "Software", "Validation Date": "08/12/201006/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329", "detail_available": true, "module_name": "Microsoft Windows 7 Cryptographic Primitives Library (bcryptprimitives.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1327 operating in FIPSmode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The cryptographic module, bcryptprimitives.dll, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328", "Certificate Number": "1328", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys)", "Module Type": "Software", "Validation Date": "08/12/201006/01/201102/09/201201/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328", "detail_available": true, "module_name": "Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1326 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CNG.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows 7 kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327", "Certificate Number": "1327", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 Code Integrity (ci.dll)", "Module Type": "Software", "Validation Date": "06/15/201006/01/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327", "detail_available": true, "module_name": "Windows 7 Code Integrity (ci.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1326 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326", "Certificate Number": "1326", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 Winload OS Loader (winload.exe)", "Module Type": "Software", "Validation Date": "06/15/201006/01/201110/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326", "detail_available": true, "module_name": "Windows 7 Winload OS Loader (winload.exe)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows 7 Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #1319 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1325", "Certificate Number": "1325", "Vendor Name": "PGP Corporation", "Module Name": "PGP Cryptographic Engine", "Module Type": "Software", "Validation Date": "06/22/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1325.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1325", "detail_available": true, "module_name": "PGP Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP Cryptographic Engine includes a wide range of field-tested and standards-based encryption, and encoding algorithms used by PGP Whole Disk Encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1324", "Certificate Number": "1324", "Vendor Name": "Comtech Mobile Datacom Corporation", "Module Name": "Transceiver Cryptographic Module (TCM)", "Module Type": "Hardware", "Validation Date": "07/12/201004/18/201605/08/201810/16/2020", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1324.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1324", "detail_available": true, "module_name": "Transceiver Cryptographic Module (TCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Transceiver Cryptographic Module is a compact hardware module with a firmware component for implementation of cryptographic algorithms. The Crypto Module, in connetion with Comtech's ASDR Transceiver, enables secure over-the-air communications. The module provides a serial interface for communication over a pair of SPI ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1323", "Certificate Number": "1323", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/20/201009/07/201010/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1323.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1323", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1322", "Certificate Number": "1322", "Vendor Name": "Thales e-Security Inc.", "Module Name": "TSPP", "Module Type": "Hardware", "Validation Date": "06/22/201003/28/201104/12/201111/08/201101/11/201207/09/201203/28/201301/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1322.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1322", "detail_available": true, "module_name": "TSPP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Thales' TSPP is the multi-chip embedded cryptographic module in its payShield 9000 family of hardware security modules used in the Banking and Finance sector for securing card-based payment transactions. The product family is also used to provide dedicated functionality for key management and message security using algorithms such as Triple-DES, RSA, SHA, HMAC, and AES. TSPP contains a secure bootstrap that authenticates application loading using DSA 2048, so that only application software written by and \"signed\" by Thales can be loaded and run on TSPP-based products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321", "Certificate Number": "1321", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 R2 Boot Manager (bootmgr)", "Module Type": "Software", "Validation Date": "06/22/201006/01/201106/21/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1321.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321", "detail_available": true, "module_name": "Windows Server 2008 R2 Boot Manager (bootmgr)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1320", "Certificate Number": "1320", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module", "Module Type": "Software", "Validation Date": "06/09/201006/14/201209/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1320.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1320", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. The Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the module if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library version 0.9.8 delivered with RHEL 5.4 or RHEL 5.8." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319", "Certificate Number": "1319", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows 7 Boot Manager (bootmgr)", "Module Type": "Software", "Validation Date": "06/09/201006/01/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319", "detail_available": true, "module_name": "Windows 7 Boot Manager (bootmgr)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1318", "Certificate Number": "1318", "Vendor Name": "Redline Communications", "Module Name": "AN-80i Broadband Wireless Infrastructure Radio", "Module Type": "Hardware", "Validation Date": "06/01/201006/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1318.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1318", "detail_available": true, "module_name": "AN-80i Broadband Wireless Infrastructure Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AN-80i system is a broadband wireless infrastructure product designed to provide long range Ethernet connectivity between points of presence spread across a metro or regional area network. It operates in Point-to-Point (PTP) and Point to Multipoint (PMP) configuration in the same hardware platform. Operating in both licensed and unlicensed frequency bands, the AN-80i is a rugged all outdoor system that enables organizations such as government and public safety agencies, schools, large mission critical enterprises including banks, hospitals, utilities, as well as service providers to sol", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1317", "Certificate Number": "1317", "Vendor Name": "Harris Corporation", "Module Name": "RF-7800W Broadband Ethernet Radio", "Module Type": "Hardware", "Validation Date": "06/01/201006/14/201003/14/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1317.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1317", "detail_available": true, "module_name": "RF-7800W Broadband Ethernet Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RF-7800W-OU440 Broadband Ethernet Radio (BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system designed for long haul back bone systems. The BER operates in the 4.4 to 5.0 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training, and simulation networks, and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point (PTP) and Point to Multipoint (PMP) in the same platform.", "algorithms": [ "AES", "DES", "DRBG", "DSA", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1316", "Certificate Number": "1316", "Vendor Name": "Kingston Technology, Inc.", "Module Name": "DataTraveler 5000", "Module Type": "Hardware", "Validation Date": "05/19/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1316.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1316", "detail_available": true, "module_name": "DataTraveler 5000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Kingston's ultra-secure DataTraveler 5000 USB Flash drive protects sensitive data with FIPS 140-2 Level 2 certification and 256-bit AES hardware-based encryption. Secured by SPYRUS, DT5000 uses elliptic curve cryptography encryption algorithms (ECC) that meet the Suite B standards approved by the U.S. government. The drive features complex password protection and locks down after 10 intrusion attempts. DT5000 is waterproof (up to 4 feet) and features a rugged, titanium-coated steel casing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1315", "Certificate Number": "1315", "Vendor Name": "Cimcor, Inc.", "Module Name": "Cimcor Cryptographic Module", "Module Type": "Software", "Validation Date": "06/10/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1315.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1315", "detail_available": true, "module_name": "Cimcor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cimcor Cryptographic Module is a multi-platform library that provides secure FIPS 140-2 validated hashing, encryption, and decryption methods and a variety of other cryptographic functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1314", "Certificate Number": "1314", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E7500", "Module Type": "Hardware", "Validation Date": "05/19/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1314.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1314", "detail_available": true, "module_name": "NSA E7500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Management (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1313", "Certificate Number": "1313", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E6500", "Module Type": "Hardware", "Validation Date": "05/19/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1313.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1313", "detail_available": true, "module_name": "NSA E6500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA E-Class: The Dell SonicWALL E-Class Network Security Appliance (NSA) Series is engineered to provide high performance Unified Threat Management (UTM) threat prevention and application inspection to meet the needs of expanding enterprise networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1312", "Certificate Number": "1312", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 4500, NSA 5000 and NSA E5500", "Module Type": "Hardware", "Validation Date": "05/19/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1312.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1312", "detail_available": true, "module_name": "NSA 4500, NSA 5000 and NSA E5500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA Series: The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1311", "Certificate Number": "1311", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 3500", "Module Type": "Hardware", "Validation Date": "05/19/201004/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1311.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1311", "detail_available": true, "module_name": "NSA 3500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NSA Series: The Dell SonicWALL Network Security Appliance (NSA) Series is a high performance platform utilizing a unique multi-core architecture to provide high speed anti-virus, anti-spyware, intrusion prevention, content filtering, application inspection and protection and for the SMBs and large businesses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1310", "Certificate Number": "1310", "Vendor Name": "Cellcrypt Limited", "Module Name": "CCORE Module", "Module Type": "Software", "Validation Date": "05/19/201007/08/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1310.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1310", "detail_available": true, "module_name": "CCORE Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Crypto Core for secure communication platform", "algorithms": [ "AES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1309", "Certificate Number": "1309", "Vendor Name": "BigFix, Inc.", "Module Name": "BigFix Cryptographic Module", "Module Type": "Software", "Validation Date": "05/10/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1309.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1309", "detail_available": true, "module_name": "BigFix Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BigFix Cryptographic Module 1.0 is a software library that runs on a wide variety of computing platforms and performs encryption, hashing, and random number generation functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1308", "Certificate Number": "1308", "Vendor Name": "CipherOptics Inc.", "Module Name": "CEP10-R", "Module Type": "Hardware", "Validation Date": "05/10/201006/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1308.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1308", "detail_available": true, "module_name": "CEP10-R", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics CEP encryptors are high performance, integrated encryption appliances that offers full line rate Ethernet Frame encryption for 10Mbps Ethernet transports. Housed in a tamper evident chassis, the CipherOptics CEP10-R has two functional 10BaseT Ethernet ports used for traffic. Traffic on the CEP's local port is received from and transmitted to the trusted network in the clear, while traffic on the CEP's remote port has security processing applied to it. Security processing can be data confidentiality, data integrity and data authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1307", "Certificate Number": "1307", "Vendor Name": "CipherOptics Inc.", "Module Name": "CEP100, CEP100-XSA and CEP1000", "Module Type": "Hardware", "Validation Date": "05/10/201006/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1307.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1307", "detail_available": true, "module_name": "CEP100, CEP100-XSA and CEP1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics CEP encryptors are high performance, integrated encryption appliances that offers full line rate Ethernet Frame encryption for 10Mbps Ethernet transports. Housed in a tamper evident chassis, the CipherOptics CEP has two functional 10BaseT Ethernet ports used for traffic. Traffic on the CEP local port is received from and transmitted to the trusted network in the clear, while traffic on the CEP's remote port has security processing applied to it. Security processing can be data confidentiality, data integrity and data authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1306", "Certificate Number": "1306", "Vendor Name": "Kingston Technology, Inc.", "Module Name": "Kingston DataTraveler DT4000 Series USB Flash Drive", "Module Type": "Hardware", "Validation Date": "06/01/201007/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1306.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1306", "detail_available": true, "module_name": "Kingston DataTraveler DT4000 Series USB Flash Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode. The Software Clients v3.0.0.1 and v3.0.1 distributed with the module are excluded from the validation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "As the worldÆs leading memory manufacturer, Kingston offers the marketplace a variety of secure USB devices designed to protect data at rest. By utilizing 256 bit AES encryption, the Kingston DataTraveler DT4000 Series USB Flash Drive drive offers a high level of security certified to FIPS 140-2 standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1305", "Certificate Number": "1305", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Red Hat Enterprise Linux 5 Libgcrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "04/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1305.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1305", "detail_available": true, "module_name": "Red Hat Enterprise Linux 5 Libgcrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and when obtained, installed and initialized as assumed by the Crypto Officer role and specified in Section 8.1 of the provided Security Policy. The Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the module if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The libgcrypt FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the libgcrypt library version 1.4.4 delivered with RHEL 5.4.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1304", "Certificate Number": "1304", "Vendor Name": "ST Electronics (Info-Security) Pte Ltd", "Module Name": "DigiSAFE TrustCrypt", "Module Type": "Hardware", "Validation Date": "04/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1304.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1304", "detail_available": true, "module_name": "DigiSAFE TrustCrypt", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "DigiSAFE TrustCrypt is a programmable cryptographic module designed to support high assurance applications and provide secure cryptographic resources, including secure key generation and storage. It is built upon a secure physical enclosure and contains a secure bootstrap which authenticates application loading." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1303", "Certificate Number": "1303", "Vendor Name": "Utimaco Inc.", "Module Name": "Enterprise Secure Key Manager", "Module Type": "Hardware", "Validation Date": "04/26/201009/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1303.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1303", "detail_available": true, "module_name": "Enterprise Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Enterprise Secure Key Manager (ESKM) automates key generation and management. It is a hardened security appliance delivering identity-based access, administration and logging. Additionally, the ESKM provides reliable lifetime key archival with automatic multi-site key replication and failover capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1302", "Certificate Number": "1302", "Vendor Name": "SPYRUS, Inc.", "Module Name": "SPYCOS® Module", "Module Type": "Hardware", "Validation Date": "04/26/201005/10/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1302.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1302", "detail_available": true, "module_name": "SPYCOS® Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The SPYCOS® Module is the latest addition to the SPYRUS family of cryptographic module IC's that enable both smart card and USB cryptographic tokens. The SPYCOS« Module enables security critical capabilities such as user authentication, message privacy and integrity, authentication, and secure storage in rugged, tamper-evident hardware. The SPYCOS« Module communicates with a host computer via the smart card or USB interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1301", "Certificate Number": "1301", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Mesh Point", "Module Type": "Hardware", "Validation Date": "04/26/201005/07/201005/28/201008/02/201012/21/201002/24/201110/04/201105/10/201205/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1301.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1301", "detail_available": true, "module_name": "Fortress Mesh Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1300", "Certificate Number": "1300", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 100M Ethernet", "Module Type": "Hardware", "Validation Date": "04/26/201005/07/201001/13/201104/27/201105/11/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1300.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1300", "detail_available": true, "module_name": "Datacryptor® 100M Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured for firmware version 4.5 with the Point-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 100 Mbps Ethernet Layer 2 is a rack-mountable multi-chip standalone cryptographic module designed to secure data in transit across public Ethernet Layer 2 networks. The device uses 100BaseT ports to connect the host and public sides of the network. Datacryptor® employs an automatic key generation and exchange mechanism using X.509v.3 certificates and the Diffie-Hellman key agreement scheme. The algorithm used is AES-256. Configuration and management of the Datacryptor® 100 Mbps units is done through a secure remote management interface application also using the AES algorithm." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1299", "Certificate Number": "1299", "Vendor Name": "Seagate Technology LLC", "Module Name": "Seagate Secure® Enterprise Self-Encrypting Drives FIPS 140 Module", "Module Type": "Hardware", "Validation Date": "04/26/201009/13/201001/13/201106/05/201210/17/201201/25/201305/22/201302/20/201404/03/201404/23/201409/12/201412/22/201504/05/201606/15/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1299.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1299", "detail_available": true, "module_name": "Seagate Secure® Enterprise Self-Encrypting Drives FIPS 140 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Seagate Secure® Enterprise Self-Encrypting Drives FIPS 140 Module is embodied in Seagate Cheetah, Constellation ES, Constellation, and Savvio SED model disk drives. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands, and authenticated FW download. The services are provided through an industry-standard TCG Enterprise SSC interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1298", "Certificate Number": "1298", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor N-450", "Module Type": "Hardware", "Validation Date": "04/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1298.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1298", "detail_available": true, "module_name": "Network Security Platform Sensor N-450", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network SecurityManagement system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1297", "Certificate Number": "1297", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-60 and AP-61 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "04/26/201005/05/201010/25/201001/31/201103/14/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1297.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1297", "detail_available": true, "module_name": "Aruba AP-60 and AP-61 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's single and multi-radio wireless access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Multi-Service Mobility Controllers, where per-user role based access controls are applied. In the FIPS 140-2 mode of operation, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i client standard, the xSec client and 256-bit AES encryption. Also, Aruba APs can provide Air Monitoring for intrusion detection and have Wi-Fi Alliance certification for IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, and IEEE 802.11" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1296", "Certificate Number": "1296", "Vendor Name": "McAfee, Inc.", "Module Name": "NSM Secure UI Crypto Module", "Module Type": "Software", "Validation Date": "04/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1296.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1296", "detail_available": true, "module_name": "NSM Secure UI Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Network Security Manager (NSM) is a simple, centralized management software for distributed McAfee Network Security Platform intrusion prevention system (IPS) sensors and network access control (NAC) appliances. The NSM console with its intuitive graphical interface gives administrators complete control and real-time data, so that they can manage, configure, administer, and monitor all IPS and NAC appliances across widely distributed, mission-critical deployments. The NSM Secure UI Crypto Module provides cryptographic services for serving the NSM console through a secure TLS session." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1295", "Certificate Number": "1295", "Vendor Name": "McAfee, Inc.", "Module Name": "NSM Application Cryptographic Module", "Module Type": "Software", "Validation Date": "04/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1295.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1295", "detail_available": true, "module_name": "NSM Application Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Network Security Manager (NSM) is a simple, centralized management software for distributed McAfee Network Security Platform intrusion prevention system (IPS) sensors and network access control (NAC) appliances. The NSM console with its intuitive graphical interface gives administrators complete control and real-time data, so that they can manage, configure, administer, and monitor all IPS and NAC appliances across widely distributed, mission-critical deployments. The NSM Application Crypto Module provides cryptographic services for the Network Security Manager application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1294", "Certificate Number": "1294", "Vendor Name": "Xceedium, Inc.", "Module Name": "Xceedium GateKeeper™", "Module Type": "Hardware", "Validation Date": "04/14/201009/07/201009/30/201004/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1294.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1294", "detail_available": true, "module_name": "Xceedium GateKeeper™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Xceedium's GateKeeper is a hardened appliance that functions as a secure centralized management platform that enables IT operations to remotely manage data centers as one integrated system. A standardized security model can be developed to mitigate the risks of \"untrusted\" users; provide centralized access and policy, compartmentalize down to the port, define good and bad behavior, alert and restrict access to applications or commands. GateKeeper provides touch free support and includes all access methods and tools for in-band, out-of-band and power control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1293", "Certificate Number": "1293", "Vendor Name": "Red Hat®, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module (Freebl)", "Module Type": "Software", "Validation Date": "04/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1293.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1293", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module (Freebl)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1292", "Certificate Number": "1292", "Vendor Name": "Prism Payment Technologies (Pty) Ltd.", "Module Name": "Incognito TSM500", "Module Type": "Hardware", "Validation Date": "04/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1292.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1292", "detail_available": true, "module_name": "Incognito TSM500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Incognito TSM500 is a multi-chip embedded Tamper Responsive Security Module. Fitted on a PCI carrier card, the device offers high-performance, high-security services targeted at EFT switches and mCommerce applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1291", "Certificate Number": "1291", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-J Software Module", "Module Type": "Software", "Validation Date": "04/12/201009/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1291.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1291", "detail_available": true, "module_name": "RSA BSAFE Crypto-J Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1290", "Certificate Number": "1290", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-3050, M-4050, and M-6050", "Module Type": "Hardware", "Validation Date": "04/12/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1290.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1290", "detail_available": true, "module_name": "Network Security Platform Sensor M-1250, M-1450, M-2750, M-3050, M-4050, and M-6050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network SecurityManagement system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1289", "Certificate Number": "1289", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X3 PSD Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/12/201005/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1289.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1289", "detail_available": true, "module_name": "Cygnus X3 PSD Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The Cygnus X3 PSD Cryptographic Module employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1288", "Certificate Number": "1288", "Vendor Name": "Oracle Corporation", "Module Name": "Sun StorageTek™ T9840D Tape Drive", "Module Type": "Hardware", "Validation Date": "04/12/201005/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1288.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1288", "detail_available": true, "module_name": "Sun StorageTek™ T9840D Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Sun StorageTek T9840D drive provides 75 GB native capacity and 30 MB/sec throughput using the same media and with backward read compatibility to the non-encrypting T9840 A, B and C. Designed for maximum security and performance, the T9840D uses AES-256 encryption to protect and authenticate customer data and secure, authenticated transmission of key material. Designed for fast access to data, the drive allows the use of multiple keys per tape with a cache memory to minimize key transmission overhead. Works seamlessly with the Sum KMA 2.x for a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1287", "Certificate Number": "1287", "Vendor Name": "Vocera Communications, Inc.", "Module Name": "Vocera Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1287.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1287", "detail_available": true, "module_name": "Vocera Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Vocera® Communications System is a breakthrough wireless platform that provides hands-free voice communications throughout an 802.11b/g-networked building or campus." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1286", "Certificate Number": "1286", "Vendor Name": "Bomgar Corporation", "Module Name": "B200™ and B300™ Remote Support Appliances", "Module Type": "Hardware", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1286.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1286", "detail_available": true, "module_name": "B200™ and B300™ Remote Support Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Bomgar Remote Support Appliances give technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows access to various operating systems, including remote support for smartphones and managing network devices via command shell. In addition, it supports extensive auditing and recording of support sessions.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1285", "Certificate Number": "1285", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Regional Cryptographic Module", "Module Type": "Software", "Validation Date": "04/15/201009/13/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1285.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1285", "detail_available": true, "module_name": "SecureVue Regional Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Regional component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication and encryption/decryption between the various components via Central, Regional, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1284", "Certificate Number": "1284", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Data Collector Cryptographic Module", "Module Type": "Software", "Validation Date": "04/15/201009/13/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1284.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1284", "detail_available": true, "module_name": "SecureVue Data Collector Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Data Collector component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication, encryption/decryption, and key generation between the various components via Central, Regional, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1283", "Certificate Number": "1283", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Agent Cryptographic Module", "Module Type": "Software", "Validation Date": "03/29/201005/05/201009/13/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1283.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1283", "detail_available": true, "module_name": "SecureVue Agent Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Agent component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication and encryption/decryption between the various components via Central, Regional, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1282", "Certificate Number": "1282", "Vendor Name": "eIQnetworks, Inc.", "Module Name": "SecureVue Central Cryptographic Module", "Module Type": "Software", "Validation Date": "03/29/201005/05/201009/13/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1282.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1282", "detail_available": true, "module_name": "SecureVue Central Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureVue Central component is a multi-chip standalone cryptographic module that is part of a software application suite. It has cryptographic implementation for secure communication, encryption/decryption, and key generation between the various components via Central, Regional, Data Collector, and Agent that complete the SecureVue software application suite." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1281", "Certificate Number": "1281", "Vendor Name": "Cimcor, Inc.", "Module Name": "Cimcor Cryptographic Module", "Module Type": "Software", "Validation Date": "05/24/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1281.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1281", "detail_available": true, "module_name": "Cimcor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cimcor Cryptographic Module is a multi-platform library that provides secure FIPS 140-2 validated hashing, encryption, and decryption methods and a variety of other cryptographic functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1280", "Certificate Number": "1280", "Vendor Name": "Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module", "Module Type": "Software", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1280.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1280", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1279", "Certificate Number": "1279", "Vendor Name": "Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module (Extend ECC)", "Module Type": "Software", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1279.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1279", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module (Extend ECC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1278", "Certificate Number": "1278", "Vendor Name": "Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module (Basic ECC)", "Module Type": "Software", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1278.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1278", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module (Basic ECC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1277", "Certificate Number": "1277", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® SONET/SDH OC-3/12/48/192C", "Module Type": "Hardware", "Validation Date": "03/29/201005/07/201001/13/201102/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1277.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1277", "detail_available": true, "module_name": "Datacryptor® SONET/SDH OC-3/12/48/192C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® SONET/SDH OC-3/12/48/192C are rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public SONET or SDH backbone networks. The devices use standard SFP/XFP optical transceivers for their host and network connections. The Datacryptor® offers user verification services via DSA enabled X.509 v.3 certificates, key management based on a Diffie-Hellman Key Agreement Scheme, and AES encryption of data passing over public networks. Management of the Datacryptor is performed via a remote management interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1276", "Certificate Number": "1276", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Suite B Module", "Module Type": "Software", "Validation Date": "03/29/201005/11/201007/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1276.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1276", "detail_available": true, "module_name": "Mocana Cryptographic Suite B Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1275", "Certificate Number": "1275", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "Module Type": "Hardware", "Validation Date": "03/29/201005/07/201001/13/201104/27/201101/23/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1275.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1275", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet and 10 Gig Ethernet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured for firmware version 4.5 with the Point-Point license as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® 1 Gig Ethernet and 10 Gig Ethernet are rack-mountable multi-chip standalone cryptographic modules which facilitate secure data transmission across public Ethernet Layer 2 networks. The 1 Gig and 10 Gig units use an standard SFP/XFP optical transceivers for their host and network connections. The Datacryptor® offers user verification services via DSA enabled X.509 v.3 certificates, key management based on a Diffie-Hellman Key Agreement Scheme, and AES encryption of data passing over public networks. Management of the Datacryptor® is performed via a remote management interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1274", "Certificate Number": "1274", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "IPCryptR Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "03/29/201005/07/201001/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1274.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1274", "detail_available": true, "module_name": "IPCryptR Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The IPCryptR MACE provides secure key management and data encryption for the IPCryptR in Motorola's Astro™, Dimetra™, and Broadband Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1273", "Certificate Number": "1273", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Loadable Kernel Module", "Module Type": "Software", "Validation Date": "03/29/201005/11/201007/19/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1273.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1273", "detail_available": true, "module_name": "Mocana Cryptographic Loadable Kernel Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Loadable Kernel Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1272", "Certificate Number": "1272", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/09/201007/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1272.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1272", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1271", "Certificate Number": "1271", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NSM (Network and Security Manager) Cryptographic Module", "Module Type": "Software", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1271.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1271", "detail_available": true, "module_name": "Juniper Networks NSM (Network and Security Manager) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Juniper Networks Network and Security Manager (NSM) is a unified device management solution for Juniper's network infrastructure of routing, switching, and security devices. It provides centralized, end-to-end device lifecycle management, granular policy configuration, and comprehensive monitoring, reporting, and investigative tools to enable you to improve IT management and cost efficiencies and to maximize the security of your network. Enterprise customers can leverage NSM globally to scale from branch to data center, and Service Providers can use it for carrier-class deployments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1270", "Certificate Number": "1270", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Defender Elite/Elite+", "Module Type": "Hardware", "Validation Date": "03/29/201008/09/201008/12/201008/20/201012/21/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1270.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1270", "detail_available": true, "module_name": "Kanguru Defender Elite/Elite+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "Files distributed with the module mounted within the CD Drive, Public Drive, and/or Private Drive are excluded from the validation.) (Note: Refer to the cryptographic module's Security Policy Appendix 1 for the details on the letter x and y designations", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Kanguru Defender Elite/Elite+ is a FIPS 140-2 Level 2 multi-chip standalone cryptographic module that utilizes AES hardware encryption to secure data at rest. The module is a ruggedized, opaque, tamper-evident USB token/storage device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1269", "Certificate Number": "1269", "Vendor Name": "DataLocker Inc.", "Module Name": "Bluefly Processor", "Module Type": "Hardware", "Validation Date": "03/30/201005/05/201009/07/201001/20/201103/15/201105/31/201107/05/201104/24/201203/28/201303/19/201510/21/201612/01/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1269.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1269", "detail_available": true, "module_name": "Bluefly Processor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Bluefly processor is a cryptographic and authentication engine for Personal Portable Security Devices (PPSDs). It provides secure storage, digital identity functions, and multifactor user authentication for USB-based peripherals." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1268", "Certificate Number": "1268", "Vendor Name": "Senetas Security Pty Ltd.", "Module Name": "CypherNET™ 3000 Series Multi-Protocol Encryptor", "Module Type": "Hardware", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1268.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1268", "detail_available": true, "module_name": "CypherNET™ 3000 Series Multi-Protocol Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CypherNET™ 3000 Series product is a high-speed, standards based, multi-protocol encryptor specifically designed to secure voice, data and video information transmitted over Synchronous Optical/Synchronous Digital Hierarchy (SONET/SDH) and Ethernet Networks at data rates up to 10 Gigabits per sec. Data privacy is provided by FIPS approved AES and Triple-DES algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1267", "Certificate Number": "1267", "Vendor Name": "Senetas Security Pty Ltd.", "Module Name": "CypherNET™ 1000 Series Multi-Protocol Encryptor", "Module Type": "Hardware", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1267.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1267", "detail_available": true, "module_name": "CypherNET™ 1000 Series Multi-Protocol Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CypherNET™ 1000 Series product is a high-speed, standards based, multi-protocol encryptor specifically designed to secure voice, data and video information transmitted over Synchronous Optical/Synchronous Digital Hierarchy (SONET/SDH), Asynchronous Transfer Mode (ATM), and Ethernet Networks as well as protocol independent point-to-point networks at data rates up to 1 Gigabit per sec. Data privacy is provided by FIPS approved AES and Triple-DES algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1266", "Certificate Number": "1266", "Vendor Name": "Broadcom Corporation", "Module Name": "BCM5880 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/29/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1266.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1266", "detail_available": true, "module_name": "BCM5880 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The BCM5880 Cryptographic Module is a single-chip encased in hard opaque tamper evident IC packaging. The BCM5880 Cryptographic Module supports a variety of FIPS-validated cryptographic algorithms via a set of service API over a well-defined security boundary. It is developed as a reference design for OEMs to build FIPS140-2 compliant security systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1265", "Certificate Number": "1265", "Vendor Name": "", "Module Name": "", "Module Type": "Software", "Validation Date": "03/03/201004/15/201010/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1265.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1265", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1264", "Certificate Number": "1264", "Vendor Name": "DeltaCrypt Technologies, Inc.", "Module Name": "DeltaCrypt FIPS Module", "Module Type": "Software", "Validation Date": "03/29/201005/15/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1264.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1264", "detail_available": true, "module_name": "DeltaCrypt FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "The module generates cryptographic keys whose strengths are modified by available entropy", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DeltaCrypt FIPS Module v1.0.0.0 is a software module providing cryptographic functionality implemented in DeltaCrypt Encryption Applications that complies with FIPS 140-2 level 1 requirements. DeltaCrypt FIPS Module provides data encryption for DeltaCrypt applications protecting files and folders on computer hard disks, mobile data, CD-ROMs and DVDs. It also ensures data protection of removable drives used in combination with DeltaCrypt Mobile Device Control which controls removable drives used on a network, offers audit and tracking capabilities as well as threat detection and policy" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1263", "Certificate Number": "1263", "Vendor Name": "Stonesoft Corporation", "Module Name": "StoneGate Firewall / VPN Core", "Module Type": "Firmware", "Validation Date": "02/16/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1263.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1263", "detail_available": true, "module_name": "StoneGate Firewall / VPN Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "StoneGate Firewall/VPN Core 4.2.2.5798.cc3.1 provides IPsec compliant VPN connectivity between two firewall clusters (site to site connectivity) and remote IPsec compliant VPN connectivity between VPN clients the firewall cluster." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1262", "Certificate Number": "1262", "Vendor Name": "Silex Technology", "Module Name": "SX-500 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/15/201012/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1262.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1262", "detail_available": true, "module_name": "SX-500 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 1 compliant Silex SX-500 is an excellent solution for applications requiring an easy to implement, secure wireless LAN connection for serial or Ethernet attached peripheral devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1261", "Certificate Number": "1261", "Vendor Name": "bTrade, LLC", "Module Name": "bTrade Security Module", "Module Type": "Software", "Validation Date": "02/15/201004/12/201104/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1261.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1261", "detail_available": true, "module_name": "bTrade Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The bTrade Security Module is a software library supporting FIPS Approved cryptographic algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1260", "Certificate Number": "1260", "Vendor Name": "Gemalto", "Module Name": "Smart Guardian FIPS", "Module Type": "Hardware", "Validation Date": "02/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1260.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1260", "detail_available": true, "module_name": "Smart Guardian FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Gemalto introduces Smart Guardian FIPS, a FIPS 140-2 Level 3 Approved secure USB flash drive. The advanced flash drive combines an onboard cryptographic controller that encrypts all data stored on the secure partition by Approved hardware-based AES 256bit, a smartcard chip that provides key management through proven technology, and a ruggedized tamper resistant housing to create a complete portable secure storage solution for all users looking to protect their data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1259", "Certificate Number": "1259", "Vendor Name": "Renesas Technology America, Inc.", "Module Name": "AE57C1", "Module Type": "Hardware", "Validation Date": "02/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1259.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1259", "detail_available": true, "module_name": "AE57C1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "AE57C1 is a single-chip module that contains a CPU, ROM, EEPROM and RAM. The module contains firmware (Board ID OS or \"BOS\") that resides in ROM, with key storage and future applet storage functionality in the EEPROM. The module user will be able to load or update an applet to the EEPROM. Board ID OS (or \"BOS\") is a mask ROM used for prototyping and mass production of embedded smart chip systems based on AE57C1 device. BOS provides authentication and secure program download mechanism. Users can develop embedded applications using the BOS cryptographic, communication, and OS application interf" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1258", "Certificate Number": "1258", "Vendor Name": "DESlock Ltd", "Module Name": "DESlock+ Kernel Mode Crypto Core", "Module Type": "Software", "Validation Date": "02/15/201003/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1258.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1258", "detail_available": true, "module_name": "DESlock+ Kernel Mode Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The DESlock+ Kernel Mode Crypto Core from Data Encryption Systems Ltd. is a cryptographic module which encapsulates several different cryptographic algorithms. Available as part of the DESlock+ desktop encryption product, the Module is accessible by other kernel mode drivers and user mode applications provided by Data Encryption Systems Ltd." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1257", "Certificate Number": "1257", "Vendor Name": "Comtech Mobile Datacom Corporation", "Module Name": "Comtech Mobile Datacom Corporation Cryptographic Library (libcmscrypto)", "Module Type": "Software", "Validation Date": "01/28/201001/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1257.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1257", "detail_available": true, "module_name": "Comtech Mobile Datacom Corporation Cryptographic Library (libcmscrypto)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "libcmscrypto is a library implemented in the Comtech Mobile Datacom Corp. products and provides the basic cryptographic functionality that includes Advanced Encryption Standard (AES) algorithm, SHA1 message digest, HMAC SHA-1 Keyed-Hash message authentication code.", "algorithms": [ "AES", "DES", "HMAC", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1256", "Certificate Number": "1256", "Vendor Name": "Aastra USA, Inc.", "Module Name": "ViPr Cryptographic Module", "Module Type": "Firmware-Hybrid", "Validation Date": "01/15/201005/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1256.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1256", "detail_available": true, "module_name": "ViPr Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware-Hybrid", "embodiment": "Multi-chip standalone", "description": "ViPr Cryptographic Module ver.1.0 is part of ViPr Video Conferencing system comprised of a ViPr Media Center Terminal running ViPr application software version 3.0.5" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1255", "Certificate Number": "1255", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Hydra PC FIPS Sector-based Encryption Module", "Module Type": "Hardware", "Validation Date": "02/15/201005/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1255.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1255", "detail_available": true, "module_name": "Hydra PC FIPS Sector-based Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Hydra PC FIPS Sector-based Encryption Module provides hardware-based, sector by sector full disk encryption providing the protective military strength of the U. S. Government's Suite B algorithm standards, including AES, ECDSA, SHA-2, and EC-DH. The USB encryption device comes with an easy to use, user-friendly interface that operates on the Microsoft Windows operating systems without installing any drivers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1254", "Certificate Number": "1254", "Vendor Name": "Motorola, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "01/15/201003/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1254.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1254", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with firmware [R01.00.00 (AES Cert. #819)] installed", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio system products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1253", "Certificate Number": "1253", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-523-F2 and 3e-523-3 Secure Multi-function Wireless Data Points", "Module Type": "Hardware", "Validation Date": "01/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1253.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1253", "detail_available": true, "module_name": "3e-523-F2 and 3e-523-3 Secure Multi-function Wireless Data Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e-523-F2 and 3e-523-3 operate as either a gateway connecting a local area network to wide area network (WAN), an access point within a wireless local area network (WLAN), a client within a WLAN, or a wireless bridging device. 3eTI software provides the following major services in FIPS mode: Wireless 802.11a/b/g Access Point functionality; Wireless 802.11a/b/g Client functionality; Wireless 802.11a/b/g Bridge functionality; Wireless 802.11a/b/g Mesh functionality (auto-forming, self-healing wireless capability); IEEE 802.11i." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1252", "Certificate Number": "1252", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "01/06/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1252.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1252", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1251", "Certificate Number": "1251", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Controller -X (FC-X)", "Module Type": "Hardware", "Validation Date": "01/06/201001/28/201003/26/201008/02/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1251.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1251", "detail_available": true, "module_name": "Fortress Controller -X (FC-X)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Controller -X (FC-X) secures wireless devices, users and network infrastructure. It implements Fortress's Mobile Security Protocol (MSP) to provide network authentication, key exchange, and data encryption and integrity checking at layer 2 of the OSI networking model." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1250", "Certificate Number": "1250", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics ESG100 and CipherOptics ESG1002", "Module Type": "Hardware", "Validation Date": "12/29/200906/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1250.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1250", "detail_available": true, "module_name": "CipherOptics ESG100 and CipherOptics ESG1002", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics ESG100 and ESG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1249", "Certificate Number": "1249", "Vendor Name": "Oberthur Technologies", "Module Name": "Oberthur ID-One Cosmo V7-n Lite", "Module Type": "Hardware", "Validation Date": "12/29/200902/05/201008/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1249.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1249", "detail_available": true, "module_name": "Oberthur ID-One Cosmo V7-n Lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation Oberthur Smart Card programmable modules offers a highly secure architecture with state of the art on board cryptographic services that include Data Encryption Standard (2TDEA and 3TDEA) for symmetric encryption; Secure Hash Algorithm (SHA up to 512) for message digest; Elliptic-Curve Diffie-Hellman (ECDH) for key agreement and Digital Signature Algorithm (ECDSA up to f =521) for digital signatures. Additional features include Logical Channels and Delegated Management. The module supports Java Card 2.2.2 and Global Platform 2.1.1.A and is available in variable EEPROM sizes.", "algorithms": [ "DES", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1248", "Certificate Number": "1248", "Vendor Name": "Oberthur Technologies", "Module Name": "Oberthur ID-One Cosmo V7-a", "Module Type": "Hardware", "Validation Date": "12/29/200902/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1248.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1248", "detail_available": true, "module_name": "Oberthur ID-One Cosmo V7-a", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation Smart Card programmable module offers a highly secure architecture with state of the art on board cryptographic services that include and even exceed NSA SUITE-B cryptography with Advanced Encryption Standard (AES up to 256); Secure Hash Algorithm (SHA up to 512); Elliptic-Curve Diffie-Hellman (ECDH) and Digital Signature Algorithm (ECDSA up to P-521). The module supports Java Card 2.2.2 and Global Platform 2.1.1.A with Delegated Management, and is available with contact (ISO 7816) and contactless (ISO 14443) communication interfaces.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1247", "Certificate Number": "1247", "Vendor Name": "Good Technology, Inc.", "Module Name": "FIPSCrypto on Windows Mobile", "Module Type": "Software", "Validation Date": "12/29/200902/05/201006/02/201010/25/201001/20/201107/19/201110/18/201104/04/201209/27/201210/25/201204/24/201310/18/201309/25/201404/10/201504/17/201510/12/201505/11/201601/18/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1247.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1247", "detail_available": true, "module_name": "FIPSCrypto on Windows Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1246", "Certificate Number": "1246", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "12/29/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1246.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1246", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured by Pitney Bowes, Inc.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1245", "Certificate Number": "1245", "Vendor Name": "Tropos Networks", "Module Name": "Tropos Wireless IP Mesh Router", "Module Type": "Hardware", "Validation Date": "01/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1245.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1245", "detail_available": true, "module_name": "Tropos Wireless IP Mesh Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Tropos's single/multi-radio, wireless 802.11 a/b/g/n Wireless IP Mesh routers provide a secure, high-performance, easy to deploy, and cost-effective networking solution for outdoor environments. Tropos routers support IEEE 802.1X and 802.11i with AES encryption and secure EAP types while operating in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1244", "Certificate Number": "1244", "Vendor Name": "Tropos Networks", "Module Name": "Tropos Wireless IP Mobile Router", "Module Type": "Hardware", "Validation Date": "01/15/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1244.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1244", "detail_available": true, "module_name": "Tropos Wireless IP Mobile Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Tropos's single/multi-radio, wireless 802.11 b/g Wireless IP Mobile routers provide a secure, high-performance, easy to deploy, and cost-effective networking solution for outdoor environments. Tropos routers support IEEE 802.1X and 802.11i with AES encryption and secure EAP types while operating in FIPS 140-2 mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1243", "Certificate Number": "1243", "Vendor Name": "Secure64 Software Corporation", "Module Name": "Secure64 Cryptographic Module", "Module Type": "Firmware", "Validation Date": "12/29/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1243.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1243", "detail_available": true, "module_name": "Secure64 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Secure64 Cryptographic Module is a firmware module designed for use only with systems based on Secure64 SourceT, a limited operational environment running on an Intel Itanium-based server platform. The Secure64 Cryptographic Module provides cryptographic functions that can be used by applications running in this environment. Example applications include DNSSEC signing (secure DNS using digital signatures), certificate management applications, etc. Example functions include key generation, secure key storage, encryption, decryption, hashing, and digital signing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1242", "Certificate Number": "1242", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "Module Type": "Hardware", "Validation Date": "12/29/200907/02/201007/30/201008/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1242.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1242", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM) provide unparalleled security, mobility, redundancy, centralized control and scalability for large-scale Government and Enterprise wireless LAN networks and supports the IEEE 802.11i wireless security standard in conjunction with meeting the Wi-Fi Alliances interoperability specification WPA2 to enable a Secure Wireless Architecture. The module supports voice, video and data services, location & asset tracking, integrated intrusion detection & intrusion protection and intelligent radio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1241", "Certificate Number": "1241", "Vendor Name": "Bloombase, Inc.", "Module Name": "Bloombase Cryptographic Module", "Module Type": "Software", "Validation Date": "12/29/200907/02/201001/24/201303/15/201306/03/201604/28/201712/05/2019", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1241.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1241", "detail_available": true, "module_name": "Bloombase Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Bloombase Cryptographic Module for multi-platforms is a scalable, generic and multipurpose module used by various Bloombase products, performing a broad range of approved cryptographic operations including encryption, key generation, key storage and zeroization, signature generation and verification, hashing, keyed hashing and random number generation, supporting services including cryptography, authentication, PKCS and key management, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1240", "Certificate Number": "1240", "Vendor Name": "Asigra, Inc.", "Module Name": "AsigraEncModule Encryption Library", "Module Type": "Software", "Validation Date": "01/12/201006/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1240.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1240", "detail_available": true, "module_name": "AsigraEncModule Encryption Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AsigraEncModule (\"Cryptographic Module\" or \"Module\") is a cryptographic library for C++ language users providing hash algorithms, AES symmetric encryption algorithms and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1239", "Certificate Number": "1239", "Vendor Name": "Giesecke & Devrient", "Module Name": "Sm@rtCafé Expert 3.2 by Giesecke & Devrient with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "Module Type": "Hardware", "Validation Date": "12/07/200901/11/201202/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1239.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1239", "detail_available": true, "module_name": "Sm@rtCafé Expert 3.2 by Giesecke & Devrient with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This product combines the Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert(SCE) 3.2 and the ActivIdentity(AI) Applet framework v2.6.2b. SCE 3.2 is a JC2.2.1 & GP2.1.1 compliant dual-interface module supporting, at a minimum 2048-bit RSA, SHA-256 hash and 256-bit AES. AI Applet framework works over dual-interface and supports GSC-IS v2.1 & NIST SP800-73-1(for HSPD-12/PIV). The product supports Secure issuance and post-issuance along with SMA protocol(secure messaging) and One Time Password solution. Combined product is suitable for government and corporate deployments" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1238", "Certificate Number": "1238", "Vendor Name": "Nexus Wireless", "Module Name": "Nexus FIPS 140-2 Crypto Module", "Module Type": "Hardware", "Validation Date": "01/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1238.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1238", "detail_available": true, "module_name": "Nexus FIPS 140-2 Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Nexus FIPS140-2 Crypto Module is a single-board security module designed to conform to FIPS140-2 standards and primarily intended for use in P25 radio equipment. The module supports both KFD and KMF management implementations, including a dedicated 3-wire KFD interface. It includes a complete key storage and critical security material management function for TEK, KEK, UKEK, CKEK and KSKEK keys in non-volatile memory within the FIPS module, with protection from unauthorized disclosure or modification. The FIPS Module executes encryption and decryption of P25 Phase 1 voice and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1237", "Certificate Number": "1237", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Library", "Module Type": "Software", "Validation Date": "12/07/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1237.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1237", "detail_available": true, "module_name": "BlackBerry Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry½ Cryptographic Library is a software module that provides cryptographic services to many BlackBerry½ desktop products such as the BlackBerry½ Enterprise Server, BlackBerry½ Desktop Software, and many other BlackBerry½ products.", "algorithms": [ "AES", "DES", "ECDSA", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1236", "Certificate Number": "1236", "Vendor Name": "Oberthur Technologies", "Module Name": "Oberthur ID-One Cosmo V7-n", "Module Type": "Hardware", "Validation Date": "12/07/200902/05/201008/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1236.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1236", "detail_available": true, "module_name": "Oberthur ID-One Cosmo V7-n", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation Smart Card programmable module offers a highly secure architecture with state of the art on board cryptographic services that include and even exceed NSA SUITE-B cryptography with Advanced Encryption Standard (AES up to 256); Secure Hash Algorithm (SHA up to 512); Elliptic-Curve Diffie-Hellman (ECDH) and Digital Signature Algorithm (ECDSA up to P-521). The module supports Java Card 2.2.2 and Global Platform 2.1.1.A with Delegated Management, and is available with contact (ISO 7816) and contactless (ISO 14443) communication interfaces.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1235", "Certificate Number": "1235", "Vendor Name": "Advanced Communications Concepts Inc", "Module Name": "TUCrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "12/07/200901/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1235.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1235", "detail_available": true, "module_name": "TUCrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The TUCrypt Cryptographic Module is a multi-chip standalone software module that executes on a IBM compatable personal computer. The software module is intended to be used by other ACCI software to provide FIPS 140-2 approved cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1234", "Certificate Number": "1234", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "11/30/200901/06/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1234.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1234", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and configured by Pitney Bowes, Inc.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), and Deutsche Post's FrankIT New Generation Digital Franking program. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1233", "Certificate Number": "1233", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade 7500 SAN Extension Switch Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/30/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1233.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1233", "detail_available": true, "module_name": "Brocade 7500 SAN Extension Switch Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade 7500 SAN Extension Switch Cryptographic Module provides an enterprise building block for consolidation, data mobility, and business continuity solutions that improve efficiency and cost savings. It combines FCIP extension with Fibre Channel switching and routing to provide local and remote storage and SAN connectivity while isolating SAN fabrics and IP WAN networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1232", "Certificate Number": "1232", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade DCX Backbone and 48000 Director", "Module Type": "Hardware", "Validation Date": "11/30/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1232.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1232", "detail_available": true, "module_name": "Brocade DCX Backbone and 48000 Director", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brocade DCX Backbone consolidates server-to-server, server-to-storage and storage-to-storage traffic into a logical, multiprotocol infrastructure. It is designed to support existing and emerging protocols, including 8Gb Fibre Channel, FICON®, FCIP, IPFC, 10 Gigabit Ethernet, Converged Enhanced Ethernet (CEE), and Fibre Channel over Ethernet (FCoE). The Brocade 48000 Director delivers 4, 8, and 10 Gbit/sec Fibre Channel performance, high availability and multiprotocol connectivity, including Fibre Channel Routing, FCIP, iSCSI, and fabric-based applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1231", "Certificate Number": "1231", "Vendor Name": "MeshDynamics, Inc.", "Module Name": "MD4000-FIPS Structured Mesh™ Module", "Module Type": "Hardware", "Validation Date": "11/30/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1231.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1231", "detail_available": true, "module_name": "MD4000-FIPS Structured Mesh™ Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Multi-Radio Wireless Mesh Networking Node. Nodes connect to each other forming a \"MESH\" network. Data from Client devices connected to the mesh node, is routed according to the destination address. Client devices need to authenticate before they can join the network. All data from client is encrypted using AES-CCM using temporal keys generated using WPA2/802.11i standard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1230", "Certificate Number": "1230", "Vendor Name": "Tropos Networks", "Module Name": "Tropos Control Element Management System", "Module Type": "Software", "Validation Date": "11/30/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1230.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1230", "detail_available": true, "module_name": "Tropos Control Element Management System", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Tropos Control is a comprehensive management system that streamlines the deployment, optimization, maintenance, and control of large-scale wireless networks. Tropos Control uses FIPS 140-2 approved algorithms to provide secured communication to Tropos routers and to its web-based client application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1229", "Certificate Number": "1229", "Vendor Name": "BitArmor Systems, Inc.", "Module Name": "BitArmor Secure Cryptographic Engine", "Module Type": "Software", "Validation Date": "11/30/200912/11/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1229.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1229", "detail_available": true, "module_name": "BitArmor Secure Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BitArmor DataControl is an advanced software solution that provides disk encryption and device independent file/folder encryption. It provides precise access control for data on the Windows operating system. BitArmor DataControl includes automatic key management that is transparent to users and a central console for management of users and access privileges." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1228", "Certificate Number": "1228", "Vendor Name": "Atos Wordline S.A./N.V.", "Module Name": "DEP/PCI v4", "Module Type": "Hardware", "Validation Date": "11/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1228.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1228", "detail_available": true, "module_name": "DEP/PCI v4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DEP/PCI (a PCI adapter board) is a hardware cryptographic module, also known as a hardware security module (HSM). Its boot software together with its cryptographic coprocessor implements different cryptographic algorithms which are used for secure key entry, secure application loading and secure boot firmware update. The alarm firmware implements the tamper detection and tamper responsive logic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1227", "Certificate Number": "1227", "Vendor Name": "Kingston Technology, Inc.", "Module Name": "DataTraveler 5000 (DT5000)", "Module Type": "Hardware", "Validation Date": "12/07/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1227.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1227", "detail_available": true, "module_name": "DataTraveler 5000 (DT5000)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Kingston's ultra-secure DataTraveler 5000 USB Flash drive protects sensitive data with FIPS 140-2 Level 2 certification and 256-bit AES hardware-based encryption in XEX mode. Secured by Spyrus, DT5000 uses elliptic curve cryptography encryption algorithms (ECC) that meet the Suite B standards approved by the U.S. government. The drive features complex password protection and locks down after 10 intrusion attempts. DT5000 is waterproof (up to 4 feet) and features a rugged, titanium-coated steel casing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1226", "Certificate Number": "1226", "Vendor Name": "Eastman Kodak Company", "Module Name": "Eastman Kodak Company® Secure Module 3000", "Module Type": "Hardware", "Validation Date": "11/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1226.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1226", "detail_available": true, "module_name": "Eastman Kodak Company® Secure Module 3000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Kodak Secure Module 3000 is a fully DCI compliant cryptographic module that is the core of the Kodak Digital Cinema content playback system. The Secure Module converts the packaged, compressed and encrypted data into raw image, sound, subtitles and auxiliary data used in exhibition. It performs security functions such as media decryption, link encryption, forensic watermarking, and key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1225", "Certificate Number": "1225", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterpriseTM Encryptor, Model 650", "Module Type": "Hardware", "Validation Date": "11/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1225.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1225", "detail_available": true, "module_name": "SafeEnterpriseTM Encryptor, Model 650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterpriseTM SONET Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1224", "Certificate Number": "1224", "Vendor Name": "BeCrypt Limited", "Module Name": "BeCrypt Cryptographic Library", "Module Type": "Software", "Validation Date": "11/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1224.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1224", "detail_available": true, "module_name": "BeCrypt Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BeCrypt Cryptographic Library provides core cryptographic functionality for BeCrypt's Enterprise security products including a range of market leading disk encryption, media encryption and data protection products. The cryptographic library provides a capability to develop complex and flexible security applications that require cryptographic functionality in both pre-OS and 32 bit/64 bit operating environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1223", "Certificate Number": "1223", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 510 and ProxySG 810", "Module Type": "Hardware", "Validation Date": "11/17/200912/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1223.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1223", "detail_available": true, "module_name": "ProxySG 510 and ProxySG 810", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet), and to provide acceleration and compression of transmitted data. The ProxySG is one of several appliance lines manufactured by Blue Coat" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1222", "Certificate Number": "1222", "Vendor Name": "Blue Coat® Systems, Inc.", "Module Name": "ProxySG 8100", "Module Type": "Hardware", "Validation Date": "11/17/200912/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1222.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1222", "detail_available": true, "module_name": "ProxySG 8100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet), and to provide acceleration and compression of transmitted data. The ProxySG is one of several appliance lines manufactured by Blue Coat" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1221", "Certificate Number": "1221", "Vendor Name": "Bull SAS", "Module Name": "CHR Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/17/200907/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1221.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1221", "detail_available": true, "module_name": "CHR Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BULL CHR is a multi-chip standalone security module providing functionality for the secure loading of applications. The CHR is the corner stone of a range of security products developed and signed by BULL as Application Provider and known as \"CRYPT2Pay HR\" product range available for different domain of applications including Banks and Financial Institutions. Additional products may be developed by Application Providers, based on the CHR." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1220", "Certificate Number": "1220", "Vendor Name": "SkyRecon Systems", "Module Name": "SkyRecon Cryptographic Module (SCM)", "Module Type": "Software", "Validation Date": "12/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1220.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1220", "detail_available": true, "module_name": "SkyRecon Cryptographic Module (SCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SkyRecon Cryptographic Module (SCM) is a software-based dynamically linked cryptographic library containing several validated cryptographic algorithms. Software developers can link the SkyRecon Cryptographic Module (SCM) into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1219", "Certificate Number": "1219", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VPN-1 [1] and Security Gateway with firewall and vpn Software Blades [2]", "Module Type": "Firmware", "Validation Date": "10/27/200911/20/200907/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1219.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1219", "detail_available": true, "module_name": "VPN-1 [1] and Security Gateway with firewall and vpn Software Blades [2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point's Security Gateway Software Blades R70.1 and VPN-1 R65 with hot fix HFA 30 provide an integrated software solution combining a firewall, vpn, and the hardened SecurePlatform operating system. Designed to meet the requirements of Internet, intranet, and extranet vpns it provides secure connectivity to corporate networks with remote and mobile users, branch offices, and business partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1218", "Certificate Number": "1218", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-636S-1 Accelerated Crypto Module", "Module Type": "Hardware", "Validation Date": "10/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1218.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1218", "detail_available": true, "module_name": "3e-636S-1 Accelerated Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "3eTI's 3e-636S-1 Accelerated Crypto Module provides AES and Triple-DES data encryption, SHS secure hashing, and HMAC keyed hashing at very high levels of sustained bandwidth. The 3e-636S-1 leverages built-in hardware-based cryptography to greatly accelerate device performance. The 3e-636S-1 is a robust, stand-alone inline encryptor which can straightforwardly be inserted into a network where FIPS 140-2 Validation is required. The 3e-636S-1 helps customers meet Federal Cryptography requirements at extremely high levels of performance, where traditional software-based algorithm implementation" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1217", "Certificate Number": "1217", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X3 PSD Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1217.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1217", "detail_available": true, "module_name": "Cygnus X3 PSD Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The PSD employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1216", "Certificate Number": "1216", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Encryptor, Model 600", "Module Type": "Hardware", "Validation Date": "10/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1216.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1216", "detail_available": true, "module_name": "SafeEnterprise™ Encryptor, Model 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Note: Refer to the cryptographic module’s security policy for the details on the letter i and x designations", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterprise™ Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH or Ethernet networks. It employs FIPS approved AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in SONET 155 MB (OC-3), 622 MB (OC-12), 1.0 GB, and 2.4 GB (OC-48) networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1215", "Certificate Number": "1215", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Hydra PC FIPS Sector-based Encryption Module", "Module Type": "Hardware", "Validation Date": "10/22/200905/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1215.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1215", "detail_available": true, "module_name": "Hydra PC FIPS Sector-based Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Hydra PC FIPS Sector-based Encryption Module provides hardware-based, sector by sector full disk encryption providing the protective military strength of the U. S. Government's Suite B algorithm standards, including AES, ECDSA, SHA-2, and EC-DH. The USB encryption device comes with an easy to use, user-friendly interface that operates on the Microsoft Windows operating systems without installing any drivers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1214", "Certificate Number": "1214", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Odyssey Security Component Portable", "Module Type": "Software", "Validation Date": "10/19/200912/11/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1214.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1214", "detail_available": true, "module_name": "Odyssey Security Component Portable", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Odyssey Security Component (OSC) is a general purpose cryptographic library. OSC / Portable is a C language version that can be compiled without modification for a variety of operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1213", "Certificate Number": "1213", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4402 and 4404 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "10/19/200911/20/200907/02/201007/30/201008/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1213.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1213", "detail_available": true, "module_name": "Cisco 4402 and 4404 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 4400 Series Wireless LAN Controllers provide centralized control and scalability for medium to large-scale Government and Enterprise wireless LAN networks and support the IEEE 802.11i wireless security standard while meeting the Wi-Fi Alliances interoperability specification WPA2 for Secure Wireless Architecture. The Cisco WLAN Controllers support voice, video and data services, intrusion detection, intrusion protection and intelligent radio resource management and comply with the wireless security policies issued by the U.S. Federal Government and the Department of Defense (DoD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1212", "Certificate Number": "1212", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Voice Processing Module Cryptographic Module (VPMCM) /Telephone Media Gateway Cryptographic Module (TMGCM)", "Module Type": "Hardware", "Validation Date": "10/19/200912/06/201007/05/201106/14/201307/07/201401/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1212.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1212", "detail_available": true, "module_name": "Voice Processing Module Cryptographic Module (VPMCM) /Telephone Media Gateway Cryptographic Module (TMGCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with AES Cert. #819", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Motorola Voice Processing Module Cryptographic Module provides cryptographic services to the Voice Processing Module in which it is embedded. The Voice Processing Module provides dispatch console audio routing between a dispatch operator (e.g., 911 dispatcher), peripherals, and a local network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1211", "Certificate Number": "1211", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola Wireless Fusion on Windows CE Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "11/18/200905/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1211.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1211", "detail_available": true, "module_name": "Motorola Wireless Fusion on Windows CE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "Motorola Wireless Fusion Cryptographic Module is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1210", "Certificate Number": "1210", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola Wireless Fusion on Windows Mobile Cryptographic Module", "Module Type": "Software-Hybrid", "Validation Date": "11/18/200905/05/201006/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1210.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1210", "detail_available": true, "module_name": "Motorola Wireless Fusion on Windows Mobile Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "Motorola Wireless Fusion Cryptographic Module is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1209", "Certificate Number": "1209", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Encryptor, Model 650", "Module Type": "Hardware", "Validation Date": "10/19/200908/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1209.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1209", "detail_available": true, "module_name": "SafeEnterprise™ Encryptor, Model 650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterprise™ Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks or 10G Ethernet networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network or 10G Ethernet network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1208", "Certificate Number": "1208", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "CoSign", "Module Type": "Hardware", "Validation Date": "10/19/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1208.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1208", "detail_available": true, "module_name": "CoSign", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1207", "Certificate Number": "1207", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Odyssey Security Component User Mode and Odyssey Security Component Kernel Mode", "Module Type": "Software", "Validation Date": "10/19/200912/11/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1207.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1207", "detail_available": true, "module_name": "Odyssey Security Component User Mode and Odyssey Security Component Kernel Mode", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Odyssey Security Component (OSC) is a general purpose cryptographic library. OSC / User Mode is a user mode binary module for the Windows operating system. OSC / Kernel Mode is a kernel-mode binary module for the Windows operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1206", "Certificate Number": "1206", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "10/19/200911/20/200907/02/201007/30/201008/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1206.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1206", "detail_available": true, "module_name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3750G Wireless LAN Controller provides centralized control and scalability for medium to large-scale wireless LAN networks and supports IEEE 802.11i wireless security and is Wi-Fi certified for WPA2. Cisco WLAN Controllers support voice, video, data services, intrusion protection (including Management Frame Protection (MFP), intelligent radio resource management and comply with the wireless security policies issued by the U.S. Federal Government and the U.S. Department of Defense (DoD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1205", "Certificate Number": "1205", "Vendor Name": "Lexar Media, Inc.", "Module Name": "JumpDrive SAFE S3000", "Module Type": "Hardware", "Validation Date": "10/19/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1205.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1205", "detail_available": true, "module_name": "JumpDrive SAFE S3000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Lexar Media introduces JumpDrive SAFE S3000, the world's first FIPS 140-2 Level 3 approved secure USB flash drive. The advanced flash drive combines an onboard cryptographic controller that encrypts all data stored on the secure partition by approved hardware-based AES 256bit, a smartcard chip that provides key management through proven technology, and a ruggedized tamper resistant housing to create a complete portable secure storage solution for all users looking to protect their data. For more information please visit http://www.lexar.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1204", "Certificate Number": "1204", "Vendor Name": "Midland Radio Corporation", "Module Name": "Midland Radio Base Station Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1204.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1204", "detail_available": true, "module_name": "Midland Radio Base Station Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Midland BTIII Base Stations provide Project 25 encrypted and clear voice, data and Short Message Service communications in accordance with the Project 25 Digital Land Mobile Radio standards suite. In addition, conventional analog radio voice communications are supported. It is multi-chip standalone cryptographic module validated at a FIPS 140-2 Security Level 1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1203", "Certificate Number": "1203", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect", "Module Type": "Hardware", "Validation Date": "10/06/200912/08/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1203.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1203", "detail_available": true, "module_name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 6000e, Shield F3 1500e, nShield F3 500e, nShield 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1202", "Certificate Number": "1202", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F2 500 and nShield F2 10 PCI", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1202.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1202", "detail_available": true, "module_name": "nShield F2 500 and nShield F2 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 500 & nShield F2 10 PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1201", "Certificate Number": "1201", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F2 4000, nShield F2 2000 and nShield F2 500", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1201.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1201", "detail_available": true, "module_name": "nShield F2 4000, nShield F2 2000 and nShield F2 500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 4000, nShield F2 2000, and nShield F2 500 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1200", "Certificate Number": "1200", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1200.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1200", "detail_available": true, "module_name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 500, F3 500 for NetHSM, & nShield 10 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1199", "Certificate Number": "1199", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1199.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1199", "detail_available": true, "module_name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1198", "Certificate Number": "1198", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1198.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1198", "detail_available": true, "module_name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 500, Shield F3 500 for NetHSM, and nShield 10 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1197", "Certificate Number": "1197", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for\nnShield Connect, nShield F3 1500e for nShield\nConnect and nShield F3 500e for nShield Connect", "Module Type": "Hardware", "Validation Date": "10/06/200912/08/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1197.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1197", "detail_available": true, "module_name": "nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 6000e, Shield F3 1500e, nShield F3 500e, nShield 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1196", "Certificate Number": "1196", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1196.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1196", "detail_available": true, "module_name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F2 6000e, Shield F2 1500e, nShield F2 500e, and nShield 10e family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1195", "Certificate Number": "1195", "Vendor Name": "Thales - nCipher", "Module Name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM", "Module Type": "Hardware", "Validation Date": "10/06/200902/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1195.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1195", "detail_available": true, "module_name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1194", "Certificate Number": "1194", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Pulse Secure Network Connect Cryptographic Module", "Module Type": "Software", "Validation Date": "10/06/200912/11/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1194.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1194", "detail_available": true, "module_name": "Pulse Secure Network Connect Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Pulse Secure Network Connect Cryptographic Module (PSNCCM) is a general purpose cryptographic library. The PSNCCM is a user mode binary module for the Windows operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1193", "Certificate Number": "1193", "Vendor Name": "Neopost Technologies", "Module Name": "PSD Models C22, C28, C35 and C56", "Module Type": "Hardware", "Validation Date": "10/06/200904/09/201001/13/201103/15/201107/05/201112/01/201104/12/201201/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1193.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1193", "detail_available": true, "module_name": "PSD Models C22, C28, C35 and C56", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Neopost Canadian PSD (Postal Secure Device) for Low to High Range Franking machines." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1192", "Certificate Number": "1192", "Vendor Name": "Sony Corporation", "Module Name": "Sony Security Module", "Module Type": "Hardware", "Validation Date": "10/06/200901/06/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1192.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1192", "detail_available": true, "module_name": "Sony Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sony Security Module (SSM) is a multi-chip embedded cryptographic module that is encapsulated in a hard opaque commercial grade metal case. The cryptographic boundary is defined as the entire metal case perimeter, including all hardware, software, and firmware encapsulated within. The interfaces are all traces that cross the crypto graphic boundary. The primary purpose of the SSM is to provide decryption, decoding/encoding of audio/video data for the digital cinema projector system in which it is being employed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1191", "Certificate Number": "1191", "Vendor Name": "SanDisk Corporation", "Module Name": "TrustedFlash v1.0 - microSD", "Module Type": "Hardware", "Validation Date": "09/21/200911/20/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1191.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1191", "detail_available": true, "module_name": "TrustedFlash v1.0 - microSD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "TrustedFlash™ v1.0 - microSD is SanDisk's proprietary TrustedFlash v1.0 security technology implemented on the microSD form factor which provides a platform for the implementation of an advance security technology that complies with FIPS 140-2 level 3 requirements. TrustedFlash provides authentication and data encryption that can be used with secured applications including e-commerce, protected digital content distribution and enabling users to play protected content, services and applications on authorized TrustedFlash-enabled devices, such as mobile phones, portable media players, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1190", "Certificate Number": "1190", "Vendor Name": "Raytheon Oakley Systems, Inc.", "Module Name": "FIPS Linux Cryptographic Module", "Module Type": "Software", "Validation Date": "09/21/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1190.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1190", "detail_available": true, "module_name": "FIPS Linux Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Raytheon Oakley Systems FIPS Linux Cryptographic Module is a software module providing cryptographic functionality for the Raytheon Oakley Systems InnerView insider threat product. InnerView is an enterprise monitoring, threat detection, and policy enforcement solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1189", "Certificate Number": "1189", "Vendor Name": "Pulse Secure, LLC.", "Module Name": "Odyssey Security Component", "Module Type": "Software", "Validation Date": "10/28/200912/11/201302/13/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1189.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1189", "detail_available": true, "module_name": "Odyssey Security Component", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Odyssey Security Component (OSC) is a general purpose cryptographic library. OSC / User Mode is a user mode binary module for the Windows operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1188", "Certificate Number": "1188", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252 and AP1522 Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "10/20/200911/20/200907/02/201007/30/201009/17/201008/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1188.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1188", "detail_available": true, "module_name": "Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252 and AP1522 Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet Lightweight 1142, 1131, 1252, 1242, 1522 access points deliver the versatility, high capacity and enterprise class security required for small, medium and large Government indoor and outdoor wireless deployments. In FIPS 140-2 mode of operation, the Cisco APs support the LWAPP, MFP, IEEE 802.11i & IEEE 802.1x standards & AES for WPA2 encryption. WPA2 is the Wi-Fi Alliance certification for interoperable, standards-based WLAN security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1187", "Certificate Number": "1187", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® Gig Ethernet v1.0 and v1.1", "Module Type": "Hardware", "Validation Date": "09/21/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1187.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1187", "detail_available": true, "module_name": "Datacryptor® Gig Ethernet v1.0 and v1.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor® Gig Ethernet v1.0 and v1.1 are multi-chip standalone cryptographic modules. They secure communications using signed Diffie-Hellman key exchange and AES-256 encryption over Gigabit Ethernet networks. They provide data encryption over 1000baseX (802.3z) with supported media types of 1000BaseSX (short-haul fiber), 1000BaseLX (long-haul fiber) or 1000BaseCX (single twisted-pair copper). The units also provide integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1186", "Certificate Number": "1186", "Vendor Name": "Midland Radio Corporation", "Module Name": "Syn-Tech III P25 Radio Series", "Module Type": "Hardware", "Validation Date": "09/21/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1186.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1186", "detail_available": true, "module_name": "Syn-Tech III P25 Radio Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Midland Syn-Tech III P25 radios provide Project 25 encrypted and clear voice, data and Short Message Service communications in accordance with the Project 25 Digital Land Mobile Radio standards suite. In addition, conventional analog radio voice communications are supported. It is a multi-chip standalone cryptographic module consisting of production grade components in accordance to FIPS 140-2 security level 1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1185", "Certificate Number": "1185", "Vendor Name": "RELM Wireless Corporation", "Module Name": "FIPSCOM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/21/200910/16/200905/11/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1185.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1185", "detail_available": true, "module_name": "FIPSCOM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FIPSCOM is an embedded cryptographic module that provides encryption functions for secure digital communications products. The FIPSCOM can be incorporated into any BK Radio brand subscriber equipment requiring FIPS 140-2, Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1184", "Certificate Number": "1184", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5050 and FortiGate-5140", "Module Type": "Hardware", "Validation Date": "09/21/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1184.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1184", "detail_available": true, "module_name": "FortiGate-5050 and FortiGate-5140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1183", "Certificate Number": "1183", "Vendor Name": "", "Module Name": "", "Module Type": "Software", "Validation Date": "08/31/200910/26/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1183.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1183", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1182", "Certificate Number": "1182", "Vendor Name": "McAfee, Inc.", "Module Name": "Network Security Platform Sensor M-6050 and M-8000 (M-8000 P and M-8000 S)", "Module Type": "Hardware", "Validation Date": "08/31/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1182.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1182", "detail_available": true, "module_name": "Network Security Platform Sensor M-6050 and M-8000 (M-8000 P and M-8000 S)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Network Security Platform products (formerly known as IntruShield) are IPS & IDS systems that protect network infrastructures & endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, & encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments & permits the customer to receive real-time network status updates & alerts, implement customized security policies & incident response plans, & perform forensic analysis of attacks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1181", "Certificate Number": "1181", "Vendor Name": "Motorola, Inc.", "Module Name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "Module Type": "Hardware", "Validation Date": "08/31/200903/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1181.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1181", "detail_available": true, "module_name": "Astro Subscriber Motorola Advanced Crypto Engine (MACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode with firmware [R01.00.00 (AES Cert. #819)]", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The MACE cryptographic processor is used in security modules embedded in Motorola's Astro family of radio systems products. It provides secure voice and data capabilities as well as APCO Over-The-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1180", "Certificate Number": "1180", "Vendor Name": "Security First Corp.", "Module Name": "SecureParser®", "Module Type": "Software-Hybrid", "Validation Date": "08/31/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1180.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1180", "detail_available": true, "module_name": "SecureParser®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The SecureParser® is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1179", "Certificate Number": "1179", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Hydra PC FIPS File Encryption Module", "Module Type": "Hardware", "Validation Date": "08/31/200910/30/200904/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1179.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1179", "detail_available": true, "module_name": "Hydra PC FIPS File Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Hydra PC FIPS File Encryption Module is a multifunctional security device providing the U. S. Government's Suite B standard algorithms, including AES, ECC, and SHA-2. The Hydra PC FIPS File Encryption Module stores encrypted files on a replaceable miniSD/miniSDHC memory card for almost unlimited storage capacity. An exclusive authentication feature can limit the use of a Hydra PC FIPS File Encryption Module to a specifically designated enclave, preventing all external use even if the user knows the logon PIN. Comes with Microsoft Windows file interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1178", "Certificate Number": "1178", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® CA4", "Module Type": "Hardware", "Validation Date": "08/31/200905/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1178.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1178", "detail_available": true, "module_name": "Luna® CA4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna CA4 cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1177", "Certificate Number": "1177", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCM", "Module Type": "Hardware", "Validation Date": "08/31/200905/17/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1177.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1177", "detail_available": true, "module_name": "Luna® PCM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna PCM cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services. Access to key material and cryptographic services for users and user application software is provided indirectly through the host appliance.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1176", "Certificate Number": "1176", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/31/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1176.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1176", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1175", "Certificate Number": "1175", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "08/13/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1175.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1175", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1174", "Certificate Number": "1174", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "08/31/200909/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1174.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1174", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Atalla Cryptographic Subsystem (ACS) is a multiple-chip embedded cryptographic module that provides secure cryptographic processing. The ACS features secure key management and storage capabilities, and also provides high performance AES processing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1173", "Certificate Number": "1173", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 520M and SSG 550M", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1173.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1173", "detail_available": true, "module_name": "SSG 520M and SSG 550M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSG 500 Series consists of high-performance security platforms for regional branch office and medium-sized, standalone businesses that want to stop internal and external attacks, prevent unauthorized access and achieve regulatory compliance. The SSG 550/SSG 550M provides 1+ Gbps of stateful firewall performance and 500 Mbps of IPSec VPN performance, while the SSG 520/SSG 520M provides 650 Mbps of stateful firewall performance and 300 Mbps of IPSec VPN performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1172", "Certificate Number": "1172", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 320M and SSG 350M", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1172.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1172", "detail_available": true, "module_name": "SSG 320M and SSG 350M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSG 300 Series comprises high-performance security platforms that help businesses stop internal and external attacks, prevent unauthorized access, and achieve regulatory compliance. The SSG 350M provides 500 Mbps of stateful firewall performance and 225 Mbps of IPSec VPN performance, while the SSG 320M provides 400 Mbps of stateful firewall performance and 175 Mbps of IPSec VPN performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1171", "Certificate Number": "1171", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 140", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1171.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1171", "detail_available": true, "module_name": "SSG 140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSG 140 is a high-performance security platform for branch offices and small/medium sized standalone businesses that want to stop internal and external attacks, prevent unauthorized access, and achieve regulatory compliance. The SSG 140 is a modular platform that delivers more than 350 Mbps of stateful firewall traffic and 100 Mbps of IPSec VPN traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1170", "Certificate Number": "1170", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "SSG 5 and SSG 20", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1170.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1170", "detail_available": true, "module_name": "SSG 5 and SSG 20", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SSG 5 and SSG 20 are high-performance security platforms for small branch office and standalone businesses that want to stop internal and external attacks, prevent unauthorized access and achieve regulatory compliance. Both the SSG 5 and SSG 20 deliver 160 Mbps of stateful firewall traffic and 40 Mbps of IPSec VPN traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1169", "Certificate Number": "1169", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "NetScreen-ISG 1000 and NetScreen-ISG 2000", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201002/12/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1169.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1169", "detail_available": true, "module_name": "NetScreen-ISG 1000 and NetScreen-ISG 2000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks ISG 1000 and ISG 2000 are fully integrated firewall/VPN systems that provide multi-gigabit performance, modular architecture and rich virtualization capabilities. They provide an ideal solution for large enterprise, data center, and service provider networks. The ISG Series firewall/VPN-based systems deliver security features such as Intrusion Prevention System (IPS), anti-spam, Web filtering, and Internet Content Adaptation Protocol (ICAP) antivirus redirection support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1168", "Certificate Number": "1168", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "NetScreen-5200 and NetScreen-5400", "Module Type": "Hardware", "Validation Date": "08/18/200901/28/201002/12/201012/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1168.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1168", "detail_available": true, "module_name": "NetScreen-5200 and NetScreen-5400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5000 Series is a line of purpose built, high-performance security systems designed to deliver a new level of high-performance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5000 Series consists of two products, the 2-slot NetScreen-5200 and the 4-slot NetScreen-5400. The NetScreen-5000 Series security systems integrate firewall, DoS and DDoS protection, VPN, and traffic management functionality in low-profile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1167", "Certificate Number": "1167", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/31/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1167.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1167", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1166", "Certificate Number": "1166", "Vendor Name": "Accellion, Inc.", "Module Name": "Secure File Transfer Appliance", "Module Type": "Hardware", "Validation Date": "08/18/200910/02/200912/08/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1166.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1166", "detail_available": true, "module_name": "Secure File Transfer Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Accellion Secure File Transfer Appliance is a key component of Accellion's secure file transfer solution that enables enterprises an easy to use solution for securely transferring large files. It helps eliminate FTP servers and offload file attachments from email resulting in improved email performance and reduced email storage. Extensive tracking and reporting tools enable companies to demonstrate compliance with SOX, HIPAA, FDA, and GLB regulations. Accellion appliances provide the highest level of security and ease of use of any enterprise file transfer solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1165", "Certificate Number": "1165", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Bridge", "Module Type": "Hardware", "Validation Date": "08/18/200903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1165.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1165", "detail_available": true, "module_name": "Fortress Secure Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Bridge is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1164", "Certificate Number": "1164", "Vendor Name": "Meru Networks", "Module Name": "Meru Networks Security Gateway SG1000 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1164.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1164", "detail_available": true, "module_name": "Meru Networks Security Gateway SG1000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Meru Networks Security Gateway SG1000 Cryptographic Module is a high performance purpose built security solution for Wireless LAN deployments. The Meru Networks Security Gateway SG1000 Cryptographic Module provides a FIPS 140-2 Level 3 security solution conforming to the IEEE 802.11i security standards. The Meru Networks Security Gateway SG1000 Cryptographic Module is installed in a slot in the Meru Networks Security Gateway SG1000 appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1163", "Certificate Number": "1163", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module for Luna® IS", "Module Type": "Hardware", "Validation Date": "08/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1163.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1163", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module for Luna® IS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna® PCI for Luna® IS offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1162", "Certificate Number": "1162", "Vendor Name": "Brocade Communications Systems, Inc.", "Module Name": "Brocade Encryption Switch/FS8-18 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "07/29/200912/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1162.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1162", "detail_available": true, "module_name": "Brocade Encryption Switch/FS8-18 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Cryptographic module for the Brocade Encryption Switch and FS8-18." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1161", "Certificate Number": "1161", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1000A and FortiGate-3600", "Module Type": "Hardware", "Validation Date": "07/29/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1161.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1161", "detail_available": true, "module_name": "FortiGate-1000A and FortiGate-3600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1160", "Certificate Number": "1160", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "KVL 3000 Plus", "Module Type": "Hardware", "Validation Date": "07/29/200901/31/201101/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1160.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1160", "detail_available": true, "module_name": "KVL 3000 Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1159", "Certificate Number": "1159", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-Kernel", "Module Type": "Software", "Validation Date": "07/29/200908/20/201009/07/201002/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1159.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1159", "detail_available": true, "module_name": "RSA BSAFE® Crypto-Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE® Crypto-Kernel is a cryptographic library from RSA, The Security Division of EMC, to provide symmetric encryption, hashing, and message authentication code creation, in the operating system kernel. It provides Advanced Encryption Standard (AES) cipher, SHA-256 message digest, and HMAC capabilities.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1158", "Certificate Number": "1158", "Vendor Name": "AirMagnet, Inc.", "Module Name": "SmartEdge Sensor A5020, A5023, A5120 and A5123", "Module Type": "Hardware", "Validation Date": "07/29/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1158.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1158", "detail_available": true, "module_name": "SmartEdge Sensor A5020, A5023, A5120 and A5123", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SmartEdge Sensor is equipped with patent pending AirWISE Analytical Engine that, in real time, monitors and analyzes the security, performance, and reliability of the wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1157", "Certificate Number": "1157", "Vendor Name": "Oracle Corporation", "Module Name": "Sun StorageTek™ T10000A Tape Drive", "Module Type": "Hardware", "Validation Date": "07/16/200909/02/200905/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1157.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1157", "detail_available": true, "module_name": "Sun StorageTek™ T10000A Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Sun StorageTek™ T10000A tape drive provides 500 GB native capacity and 120 MB/sec throughput. The T10000A is designed for maximum security and performance in enterprise-level applications. It employs AES-256 encryption to protect and authenticate customer data while also using AES-256 to provide secure and authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Sun KMA 2.x to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1156", "Certificate Number": "1156", "Vendor Name": "Oracle Corporation", "Module Name": "Sun StorageTek™ T10000B Tape Drive", "Module Type": "Hardware", "Validation Date": "07/16/200909/02/200905/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1156.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1156", "detail_available": true, "module_name": "Sun StorageTek™ T10000B Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Sun StorageTek™ T10000B tape drive provides 1 TB native capacity and 120 MB/sec throughput using the same media and with backward read compatibility to the T10000A. Designed for maximum security and performance, the T10000B provides AES-256 encryption to protect and authenticate customer data and to provide secure, authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Sun KMA 2.x to provide a secure end-to-end management solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1155", "Certificate Number": "1155", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, Catalyst 6506-E, Catalyst 6509 and Catalyst 6509-E Switch with Catalyst 6500 Series VPN Services Port Adapter (ws-ipsec-2 and ws-ipsec-3)", "Module Type": "Hardware", "Validation Date": "07/16/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1155.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1155", "detail_available": true, "module_name": "Cisco Catalyst 6506, Catalyst 6506-E, Catalyst 6509 and Catalyst 6509-E Switch with Catalyst 6500 Series VPN Services Port Adapter (ws-ipsec-2 and ws-ipsec-3)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches with the IPSec VPN SPA offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1154", "Certificate Number": "1154", "Vendor Name": "Digi International, Inc.", "Module Name": "Digi Passport 4 FIPS, 8 FIPS, 16 2 AC FIPS, 32 2 AC FIPS and 48 2 AC FIPS", "Module Type": "Hardware", "Validation Date": "07/16/200911/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1154.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1154", "detail_available": true, "module_name": "Digi Passport 4 FIPS, 8 FIPS, 16 2 AC FIPS, 32 2 AC FIPS and 48 2 AC FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The latest entry in Digi's advanced console management line, the Digi Passport provides secure remote access to the console ports of computer systems and network equipment. In addition to conventional serial console connections, the Digi Passport connects to the service processors of the leading server vendors. It also provides SMASH extensions to each of these network-based access protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1153", "Certificate Number": "1153", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, Catalyst 6506-E, Catalyst 6509 and Catalyst 6509-E Switch with Catalyst 6500 Series VPN Services Port Adapter (ws-ipsec-2 and ws-ipsec-3)", "Module Type": "Hardware", "Validation Date": "07/01/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1153.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1153", "detail_available": true, "module_name": "Cisco Catalyst 6506, Catalyst 6506-E, Catalyst 6509 and Catalyst 6509-E Switch with Catalyst 6500 Series VPN Services Port Adapter (ws-ipsec-2 and ws-ipsec-3)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches with the VPN Services Port Adapter offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1152", "Certificate Number": "1152", "Vendor Name": "IBM® Corporation", "Module Name": "IBM System Storage LTO Ultrium 4 Tape Drive", "Module Type": "Hardware", "Validation Date": "07/01/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1152.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1152", "detail_available": true, "module_name": "IBM System Storage LTO Ultrium 4 Tape Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IBM LTO Ultrium 4 Tape Drive provides AES-GCM encryption of customer data recorded to tape. Both encryption and compression are implemented in the hardware for optimum performance. Three different host interface types of the LTO Ultrium 4 \"brick\" unit are FIPS certified as a multi-chip, standalone cryptographic module. In customer operation the \"brick\" unit may be embedded in bridge box or in a canister package for operation in a library." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1151", "Certificate Number": "1151", "Vendor Name": "Rajant Corporation", "Module Name": "BreadCrumb® ME2 1S2F", "Module Type": "Hardware", "Validation Date": "07/01/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1151.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1151", "detail_available": true, "module_name": "BreadCrumb® ME2 1S2F", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Rajant BreadCrumb® ME2 1S2F is a rugged wireless transmitter-receiver that forms a mesh network (using InstaMesh®) when used in conjunction with other BreadCrumb® devices. This portable wireless mesh network node supports an open-standard IEEE 802.11 b/g radio with up to two antennas to enable data, voice and video applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1150", "Certificate Number": "1150", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/22/200912/11/200905/03/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1150.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1150", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1149", "Certificate Number": "1149", "Vendor Name": "Imation Corp.", "Module Name": "Imation S200/D200", "Module Type": "Hardware", "Validation Date": "06/24/200908/28/200910/02/200911/20/200912/22/200903/26/201008/02/201010/26/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1149.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1149", "detail_available": true, "module_name": "Imation S200/D200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Files distributed with the module mounted within the CD Drive are excluded from the validation.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey Secure Flash Drive includes a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA-256, SHA-1, and RNG algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1148", "Certificate Number": "1148", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Unified Wireless IP Phone 7921G and 7925G", "Module Type": "Hardware", "Validation Date": "06/24/200905/28/201002/09/201202/23/201201/24/201310/25/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1148.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1148", "detail_available": true, "module_name": "Cisco Unified Wireless IP Phone 7921G and 7925G", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "For workers who need to communicate while moving about the workplace or campus, the Cisco Unified Wireless IP Phone 7921G and 7925G provide wired phone capabilities in an easy-to-navigate, menu directed wireless phone. These phones can be programmed with six extensions or a combination of extensions and speed dials. Each have a 2-inch color display; speakerphone capabilities, a new combination charger and speakerphone stand. Additionally, the 7925G provides support for bluetooth headsets." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1147", "Certificate Number": "1147", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1147.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1147", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1146", "Certificate Number": "1146", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "06/24/200901/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1146.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1146", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1145", "Certificate Number": "1145", "Vendor Name": "Oberthur Technologies", "Module Name": "Oberthur ID-One Cosmo 128 v5.5 for DoD CAC", "Module Type": "Hardware", "Validation Date": "06/24/200908/02/201002/06/201406/09/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1145.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1145", "detail_available": true, "module_name": "Oberthur ID-One Cosmo 128 v5.5 for DoD CAC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on the Oberthur Dual Interface (ISO7816 & ISO14443) ID-One Cosmo family of Smart Cards that provide a secure Javacard platform with data storage and enhanced cryptographic processing capabilities specifically designed to fit the needs of government and enterprise personnel identification applications. This configuration runs ActivIdentity applet suite V 2.6.2B into its 144K EEPROM memory. The Applet Suite provides services for authentication, access control, generic container and PKI. It conforms to SP800-73-1 Transitional & End-Point Card Edge (for HSPD-12/PIV)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1144", "Certificate Number": "1144", "Vendor Name": "SCsquare Ltd.", "Module Name": "Apollo OS V4.03 on SLE66CX680PE m1534-a13", "Module Type": "Firmware", "Validation Date": "06/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1144.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1144", "detail_available": true, "module_name": "Apollo OS V4.03 on SLE66CX680PE m1534-a13", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Single-chip", "description": "Apollo OS V4.03 on SLE66CX680PE is a multi-purpose smart card utilizing an ISO 7816 file system. Apollo OS V4.03 is implemented as firmware in ROM of an Infineon SLE66CX680PE smart card controller IC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1143", "Certificate Number": "1143", "Vendor Name": "Mitsubishi Electric Corporation Kamakura Works", "Module Name": "Command Encryption Module", "Module Type": "Firmware", "Validation Date": "06/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1143.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1143", "detail_available": true, "module_name": "Command Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the Operational Environment configuration specified on the reverse with the Firewall configured per Section 11 in the Security Policy", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1142", "Certificate Number": "1142", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "06/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1142.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1142", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1141", "Certificate Number": "1141", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco ASA 5505, 5510, 5520, 5540 and 5550 Security Appliances", "Module Type": "Hardware", "Validation Date": "06/24/200907/17/200901/28/201002/12/201005/05/201005/28/201006/02/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1141.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1141", "detail_available": true, "module_name": "Cisco ASA 5505, 5510, 5520, 5540 and 5550 Security Appliances", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1140", "Certificate Number": "1140", "Vendor Name": "EF Johnson Technologies", "Module Name": "Johnson Encryption Machine 2 (JEM2)", "Module Type": "Hardware", "Validation Date": "06/25/200907/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1140.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1140", "detail_available": true, "module_name": "Johnson Encryption Machine 2 (JEM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The EF Johnson Technologies Johnson Encryption Machine 2 (JEM2) is a cryptographic module meeting the FIPS140-2, Level 1 requirement. The JEM2 provides cryptographic operations to support Project 25 infrastructure. The JEM2 supports AES OTAR, AES, DSA, SHA-1, SHA-256, SHA-512, and HMAC FIPS Approved algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1139", "Certificate Number": "1139", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3271 High Performance Mobile Access Router Card (HMARC)", "Module Type": "Hardware", "Validation Date": "05/28/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1139.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1139", "detail_available": true, "module_name": "Cisco 3271 High Performance Mobile Access Router Card (HMARC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cisco 3271 Rugged ISR is a high-performance, ruggedized router designed to support multiple applications running concurrently over wired or wireless networks. With onboard hardware encryption, the Cisco 3271 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks.", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA", "SSH" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1138", "Certificate Number": "1138", "Vendor Name": "NitroSecurity Inc.", "Module Name": "NitroView ESM/Receiver Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/28/200910/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1138.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1138", "detail_available": true, "module_name": "NitroView ESM/Receiver Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #918 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NitroView ESM/Receiver is a multi-chip standalone cryptographic module consisting of production grade components contained within an opaque hard production-grade enclosure (the outside case is steel). The removable cover is protected by tamper evident security seals in accordance with FIPS 140-2 Level 2. The cryptographic boundary is the metal enclosure of the device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1137", "Certificate Number": "1137", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Gold (PSG)", "Module Type": "Hardware", "Validation Date": "05/22/200907/24/200903/28/201111/08/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1137.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1137", "detail_available": true, "module_name": "ProtectServer Gold (PSG)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet PSG Adapter is a high-end intelligent PCI adapter card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. Access to the PSG is provided via a comprehensive PKCS#11 API, allowing extremely flexible use of the module in a multitude of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1136", "Certificate Number": "1136", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "Aladdin eToken PRO (Java) HD and Aladdin eToken Anywhere HD", "Module Type": "Hardware", "Validation Date": "05/22/200907/02/201010/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1136.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1136", "detail_available": true, "module_name": "Aladdin eToken PRO (Java) HD and Aladdin eToken Anywhere HD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Aladdin eToken PRO (Java) HD offers strong authentication and guaranteed non-repudiation for sensitive applications such a eBanking, stock trading, eCommerce and financial transactions. Aladdin eToken PRO (Java) HD is based on the Athena IDProtect Java Card smart card operating system that is compliant with the Java Card 2.2.2 and Global Platform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 for physical security). IDProtect supports FIPS Approved Random Number Generator, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits including on board key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1135", "Certificate Number": "1135", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "Aladdin eToken PRO (Java), Aladdin eToken Anywhere and Aladdin eToken PRO (Java) SC", "Module Type": "Hardware", "Validation Date": "05/22/200907/02/201010/26/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1135.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1135", "detail_available": true, "module_name": "Aladdin eToken PRO (Java), Aladdin eToken Anywhere and Aladdin eToken PRO (Java) SC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Aladdin eToken PRO (Java) and Aladdin eToken PRO (Java) SC offers strong authentication and guaranteed non-repudiation for sensitive applications such a eBanking, stock trading, eCommerce and financial transactions. Aladdin eToken PRO (Java) and Aladdin eToken PRO (Java) SC are based on the Athena IDProtect Java Card smart card operating system that is compliant with the Java Card 2.2.2 and Global Platform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 for physical security). IDProtect supports FIPS Approved Random Number Generator, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits incl" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1134", "Certificate Number": "1134", "Vendor Name": "Mobile Armor, Inc.", "Module Name": "Mobile Armor Cryptographic Module", "Module Type": "Software", "Validation Date": "05/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1134.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1134", "detail_available": true, "module_name": "Mobile Armor Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mobile Armor Cryptographic Module 3.0 is a multi-chip standalone software module running on a standard IBM compatible personal computer, an Intel-based Mac, or a mobile device. On the PC, the software module can execute within a Linux, Microsoft Windows or Mac OS X operating system; while on a mobile device the module can be executed within a Windows Mobile Operating System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1133", "Certificate Number": "1133", "Vendor Name": "ViaSat UK Ltd.", "Module Name": "FlagStone Core", "Module Type": "Hardware", "Validation Date": "05/22/200906/01/200901/06/201006/21/201107/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1133.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1133", "detail_available": true, "module_name": "FlagStone Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FlagStone Core is a multi-chip embedded cryptographic module used within the Eclypt and the Eclypt Freedom Drives. The FlagStone Core, and subsequently the Eclypt and Eclypt Freedom Drives utilising the FlagStone Core, provide access control and data encryption services to protect access to data stored on a HDD (Hard Disk Drive). All accessible sectors on a HDD connected to a FlagStone Core are encrypted." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1132", "Certificate Number": "1132", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for Files and Folders", "Module Type": "Software", "Validation Date": "05/22/200907/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1132.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1132", "detail_available": true, "module_name": "McAfee Endpoint Encryption for Files and Folders", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for Files and Folders is a user transparent and high performing client software for encryption of files and folders on local drives, network shares, removable media and CD/DVD. E-mail attachments may also be encrypted for both internal and external recipients. In addition, the centralized McAfee Endpoint Encryption management system provides flexible and powerful management of encryption policies and keys, robust recovery tools, policy enforcement and remote deployment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1131", "Certificate Number": "1131", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for PCs", "Module Type": "Software", "Validation Date": "05/22/200907/24/200902/12/201003/28/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1131.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1131", "detail_available": true, "module_name": "McAfee Endpoint Encryption for PCs", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for PC is a high performance software solution that provides sector-level encryption of a PC's hard drive in a manner that is totally transparent to the user. In addition, the centralized McAfee Endpoint Encryption management system provides robust recovery tools, administration, and implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1130", "Certificate Number": "1130", "Vendor Name": "CommVault Systems, Inc.", "Module Name": "CommVault Crypto Library", "Module Type": "Software", "Validation Date": "05/12/200905/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1130.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1130", "detail_available": true, "module_name": "CommVault Crypto Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CommVault Crypto Library (CVCL) is a cryptographic software module used in various products by CommVault Systems, Inc. The module provides a collection of FIPS Approved and Non-FIPS Approved cryptographic services for key generation, symmetric and asymmetric encryption, hash, HMAC and signature generation/verification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1129", "Certificate Number": "1129", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Client", "Module Type": "Software", "Validation Date": "07/06/200903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1129.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1129", "detail_available": true, "module_name": "Fortress Secure Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1128", "Certificate Number": "1128", "Vendor Name": "NeoScale Systems, Inc.", "Module Name": "CryptoStor Tape FC702R and FC704R", "Module Type": "Hardware", "Validation Date": "05/12/200901/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1128.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1128", "detail_available": true, "module_name": "CryptoStor Tape FC702R and FC704R", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NeoScale CryptoStor Tape is a family of readily deployable, high-speed tape security appliances that compress, encrypt and digitally sign data as it goes to tape media or virtual tape without disrupting backup processes. It seamlessly integrates with widely used backup applications and incorporates Global Key Management technology for strong key management and data recovery. Used in conjunction with the NeoScale CryptoStor KeyVault key management system, CryptoStor Tape provides an automated, secure and open key sharing capability between locations, businesses or applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1127", "Certificate Number": "1127", "Vendor Name": "NeoScale Systems, Inc.", "Module Name": "CryptoStor Tape SC702R", "Module Type": "Hardware", "Validation Date": "05/12/200901/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1127.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1127", "detail_available": true, "module_name": "CryptoStor Tape SC702R", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NeoScale CryptoStor Tape is a family of readily deployable, high-speed tape security appliances that compress, encrypt and digitally sign data as it goes to tape media or virtual tape without disrupting backup processes. It seamlessly integrates with widely used backup applications and incorporates Global Key Management technology for strong key management and data recovery. Used in conjunction with the NeoScale CryptoStor KeyVault key management system, CryptoStor Tape provides an automated, secure and open key sharing capability between locations, businesses or applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1126", "Certificate Number": "1126", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5050 Chassis with FortiGate-5001A-DW Blade", "Module Type": "Hardware", "Validation Date": "05/12/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1126.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1126", "detail_available": true, "module_name": "FortiGate-5050 Chassis with FortiGate-5001A-DW Blade", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1125", "Certificate Number": "1125", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Bridge", "Module Type": "Hardware", "Validation Date": "05/14/200903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1125.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1125", "detail_available": true, "module_name": "Fortress Secure Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Bridge is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1124", "Certificate Number": "1124", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for Mobile", "Module Type": "Software", "Validation Date": "05/01/200907/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1124.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1124", "detail_available": true, "module_name": "McAfee Endpoint Encryption for Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for Mobile is a security system for smart phones and pocket PCs that prevents the data stored on such devices from being read or used by an unauthorized person. In simple terms, McAfee Endpoint Encryption for Mobile takes control of a user's data away from the operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1123", "Certificate Number": "1123", "Vendor Name": "Mobile Armor, Inc.", "Module Name": "Mobile Armor Cryptographic Module 3.5", "Module Type": "Software", "Validation Date": "04/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1123.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1123", "detail_available": true, "module_name": "Mobile Armor Cryptographic Module 3.5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mobile Armor Cryptographic Module provides the core cryptographic functionality of Mobile Armor's Enterprise Mobile Data Security products which provide enterprise-level data encryption and device management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1122", "Certificate Number": "1122", "Vendor Name": "Kanguru Solutions", "Module Name": "Kanguru Biolock", "Module Type": "Software", "Validation Date": "04/14/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1122.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1122", "detail_available": true, "module_name": "Kanguru Biolock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "This module contains the embedded module Crypto++ validated to FIPS 140-2 under Cert. #819 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kanguru Solutions is the leader in portable secure storage devices. Kanguru Biolock addresses security concerns and information assurance by incorporating 256-bit AES encryption technology to portable storage devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1121", "Certificate Number": "1121", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X-2 Postal Security Device", "Module Type": "Hardware", "Validation Date": "04/14/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1121.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1121", "detail_available": true, "module_name": "Cygnus X-2 Postal Security Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Cygnus X-2 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The PSD employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1120", "Certificate Number": "1120", "Vendor Name": "TecSec, Atmel, CPI Card Group, and Athena Smartcard", "Module Name": "TecSec PIV Eagle Card - Contact", "Module Type": "Hardware", "Validation Date": "04/03/200902/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1120.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1120", "detail_available": true, "module_name": "TecSec PIV Eagle Card - Contact", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The TecSec PIV Eagle Card - Contact cryptographic module provides data security for government and enterprise personnel identification. The primary purpose of this device is to enable the creation of a dual-chip PIV smart card as described in [FIPS201] that is fully compliant with the end-point service specified in SP800-73-1. The CM contains two Java Card applets implementing the PIV functionality (the Software) running on a GlobalPlatform Java Card operating system (the Firmware). The CM is physically connected to a smart card contact plate as defined in [7816-1] and [7816-2]." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1119", "Certificate Number": "1119", "Vendor Name": "LiteScape Technologies, Inc.", "Module Name": "LiteScape SPAR", "Module Type": "Hardware", "Validation Date": "04/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1119.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1119", "detail_available": true, "module_name": "LiteScape SPAR", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SPAR (Secure Personal Authentication Reader) is a multi-factor authentication device that provides RFID, Biometric and Magnetic-card interfaces. Using the SPAR at the edge of VOIP networks when coupled with devices such as IP phone terminals dramatically increases the security, validation and personalization process for business applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1118", "Certificate Number": "1118", "Vendor Name": "TecSec, Atmel, CPI Card Group, and Athena Smartcard", "Module Name": "TecSec PIV Eagle Card - Contactless", "Module Type": "Hardware", "Validation Date": "04/03/200902/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1118.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1118", "detail_available": true, "module_name": "TecSec PIV Eagle Card - Contactless", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "TecSec PIV Eagle Card - Contactless is a cryptographic module that may be configured as a contact or contactless PIV application. With this unique solution, a dual-chip product can be created without changing the user experience that assures the information stored on the contact chip is not compromised through the contactless interface. The CM is based on the Athena OS755 Java Card smart card operating system that is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and FIPS 140-2 Level 2 (Level 4 for physical security)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1117", "Certificate Number": "1117", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiKey - Flash and HiKey PKI Token", "Module Type": "Hardware", "Validation Date": "07/07/200911/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1117.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1117", "detail_available": true, "module_name": "HiKey - Flash and HiKey PKI Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HiKey Flash and HiKey PKI Token modules are multi-chip standalone implementations of a cryptographic module. The Hikey - Flash and HiKey PKI Token modules are USB tokens that adhere to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HiKey - Flash and HiKey PKI Token cryptographic modules contain an implementation of the Open Platform (OP) Version 2.0.1 specification defining a secure infrastructure for post-issuance programmable smart cards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1116", "Certificate Number": "1116", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-65, AP-70 and AP-85 Wireless Access Points", "Module Type": "Hardware", "Validation Date": "04/03/200905/18/200907/24/200912/10/200902/12/201005/05/201010/25/201001/31/201103/14/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1116.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1116", "detail_available": true, "module_name": "Aruba AP-65, AP-70 and AP-85 Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's single and multi-radio wireless access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Multi-Service Mobility Controllers, where per-user role based access controls are applied. In the FIPS 140-2 mode of operation, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i client standard, the xSec client and 256-bit AES encryption. Also, Aruba APs can provide Air Monitoring for intrusion detection and have Wi-Fi Alliance certification for IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, and IEEE 802.11" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1115", "Certificate Number": "1115", "Vendor Name": "Safend Ltd.", "Module Name": "Safend Cryptographic Library", "Module Type": "Software", "Validation Date": "04/03/200905/18/200907/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1115.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1115", "detail_available": true, "module_name": "Safend Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Safend Cryptographic Library offers reliable, simple and tamper-proof endpoint monitoring, device identification, and blocking based on administrator-defined policies. Protects all local, physical communications ports including USB, Firewire and PCMCIA, wireless endpoints such as WiFi, Bluetooth and IrDA, and removable and physical storage devices such as CD/DVD-RWs and iPods." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1114", "Certificate Number": "1114", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-310B", "Module Type": "Hardware", "Validation Date": "04/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1114.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1114", "detail_available": true, "module_name": "FortiGate-310B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1113", "Certificate Number": "1113", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200A/200A-HD; FortiGate-300A/300A-HD; FortiGate-500A/500A-HD; FortiGate-800", "Module Type": "Hardware", "Validation Date": "04/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1113.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1113", "detail_available": true, "module_name": "FortiGate-200A/200A-HD; FortiGate-300A/300A-HD; FortiGate-500A/500A-HD; FortiGate-800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1112", "Certificate Number": "1112", "Vendor Name": "Technical Communications Corporation", "Module Name": "CipherTalk® 8000 Cryptographic Module", "Module Type": "Software", "Validation Date": "04/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1112.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1112", "detail_available": true, "module_name": "CipherTalk® 8000 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CipherTalk® 8000 Cryptographic Module is an Operating System Agnostic cipher engine, encapsulating all the cryptographic functions for TCC's CipherTalk family of wireless products. Its functions include encryption and key exchange algorithms, authentication algorithms, and integrity and verification algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1111", "Certificate Number": "1111", "Vendor Name": "Open Source Software Institute", "Module Name": "OpenSSL FIPS Runtime Module", "Module Type": "Software", "Validation Date": "04/03/200905/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1111.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1111", "detail_available": true, "module_name": "OpenSSL FIPS Runtime Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL v0.9.8 product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1110", "Certificate Number": "1110", "Vendor Name": "Gesellschaft für sichere Mobile Kommunikation mbH", "Module Name": "CryptoPhone Security Kernel", "Module Type": "Software", "Validation Date": "03/26/200907/08/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1110.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1110", "detail_available": true, "module_name": "CryptoPhone Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CryptoPhone Security Kernel is a portable multi-platform cryptographic module that provides strong encryption, authentication, key exchange, message integrity verification, and secure memory abstraction services to GSMK CryptoPhone encryption products. All GSMK products come with full source code for independent review." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1109", "Certificate Number": "1109", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba AP-120 Series Wireless Access Points", "Module Type": "Hardware", "Validation Date": "03/26/200905/18/200907/24/200912/10/200902/12/201005/05/201010/25/201001/31/1103/14/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1109.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1109", "detail_available": true, "module_name": "Aruba AP-120 Series Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evidence seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba's single and multi-radio wireless access points serve as secure network on-ramps, aggregating wireless user traffic and forwarding it to Aruba's highly secure Multi-Service Mobility Controllers, where per-user role based access controls are applied. In the FIPS 140-2 mode of operation, Aruba APs in conjunction with the Mobility Controller support the IEEE 802.11i client standard, the xSec client and 256-bit AES encryption. Also, Aruba APs can provide Air Monitoring for intrusion detection and have Wi-Fi Alliance certification for IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, and IEEE 802.11" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1108", "Certificate Number": "1108", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "Secure Firewall (Sidewinder) 1100E", "Module Type": "Hardware", "Validation Date": "04/09/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1108.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1108", "detail_available": true, "module_name": "Secure Firewall (Sidewinder) 1100E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Secure Firewall (Sidewinder) solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. Secure Computing's Secure Firewall (Sidewinder) appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1107", "Certificate Number": "1107", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "Secure Firewall (Sidewinder) 2150E", "Module Type": "Hardware", "Validation Date": "04/09/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1107.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1107", "detail_available": true, "module_name": "Secure Firewall (Sidewinder) 2150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Secure Firewall (Sidewinder) solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. Secure Computing's Secure Firewall (Sidewinder) appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1106", "Certificate Number": "1106", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "Secure Firewall (Sidewinder) 4150E", "Module Type": "Hardware", "Validation Date": "04/09/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1106.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1106", "detail_available": true, "module_name": "Secure Firewall (Sidewinder) 4150E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Secure Firewall (Sidewinder) solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. Secure Computing's Secure Firewall (Sidewinder) appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1105", "Certificate Number": "1105", "Vendor Name": "AJA Video Systems, Inc.", "Module Name": "JPG2K", "Module Type": "Hardware", "Validation Date": "03/26/200901/06/201010/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1105.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1105", "detail_available": true, "module_name": "JPG2K", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The JPG2K is a PCIe card that provides a platform for secure media processing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1104", "Certificate Number": "1104", "Vendor Name": "NitroSecurity Inc.", "Module Name": "NitroView Receiver Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/26/200910/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1104.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1104", "detail_available": true, "module_name": "NitroView Receiver Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #918 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NitroView Receiver is a multi-chip standalone cryptographic module consisting of production-grade components contained within an opaque hard production-grade enclosure (the outside case is steel). The removable cover is protected by tamper evident security seals in accordance with FIPS 140-2 Level 2. The cryptographic boundary is the metal enclosure of the device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1103", "Certificate Number": "1103", "Vendor Name": "NitroSecurity Inc.", "Module Name": "NitroView ESM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/26/200910/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1103.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1103", "detail_available": true, "module_name": "NitroView ESM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #918 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NitroView ESM is a multi-chip standalone cryptographic module consisting of production-grade components contained within an opaque hard production-grade enclosure (the outside case is steel). The removable cover is protected by tamper evident security seals in accordance with FIPS 140-2 Level 2. The cryptographic boundary is the metal enclosure of the device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1102", "Certificate Number": "1102", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HP StorageWorks Secure Key Manager", "Module Type": "Hardware", "Validation Date": "04/14/200909/19/201101/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1102.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1102", "detail_available": true, "module_name": "HP StorageWorks Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP Secure Key Manager automates encryption key generation and management based on security policies. It is a hardened security appliance delivering identity-based access, administration and logging. Additionally, the Secure Key Manager provides reliable lifetime key archival with automatic multi-site key replication and failover capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1101", "Certificate Number": "1101", "Vendor Name": "PGP Corporation", "Module Name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "Module Type": "Software", "Validation Date": "03/26/200907/02/201007/30/201001/13/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1101.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1101", "detail_available": true, "module_name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1100", "Certificate Number": "1100", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point Crypto Core", "Module Type": "Software", "Validation Date": "03/26/200905/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1100.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1100", "detail_available": true, "module_name": "Check Point Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Check Point Crypto Core is a 140-2 Level 1 cryptographic module for Windows Mobile 6. The module provides cryptographic services accessible user mode on the respective platforms through implementation of platform specific binaries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1099", "Certificate Number": "1099", "Vendor Name": "Gemalto", "Module Name": "Gemalto .NET Smart Card", "Module Type": "Hardware", "Validation Date": "03/10/200903/19/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1099.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1099", "detail_available": true, "module_name": "Gemalto .NET Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Gemalto .NET v2.2 Smart Card Platform implements a subset of the .NET Framework with high end cryptographic capabilities, including Random Number Generation, on Board Key Generation, and encryption and hashing algorithms such as 3DES, AES, SHA, and 2048 bit RSA. The combination of advanced programmability provided by the .NET Framework and the high end security features make .NET v2.2 a perfect support for Enterprise and Government security solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1098", "Certificate Number": "1098", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3016B, FortiGate-3600A and FortiGate-3810A-E4", "Module Type": "Hardware", "Validation Date": "03/10/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1098.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1098", "detail_available": true, "module_name": "FortiGate-3016B, FortiGate-3600A and FortiGate-3810A-E4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1097", "Certificate Number": "1097", "Vendor Name": "NitroSecurity Inc.", "Module Name": "NitroGuard IPS cryptographic module", "Module Type": "Hardware", "Validation Date": "03/03/200910/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1097.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1097", "detail_available": true, "module_name": "NitroGuard IPS cryptographic module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with module OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #918 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NitroGuard IPS is a multi-chip standalone cryptographic module consisting of production-grade components contained within an opaque hard production-grade enclosure (the outside case is steel). The removable cover is protected by tamper evident security seals in accordance with FIPS 140-2 Level 2. The cryptographic boundary is the metal enclosure of the device. The network interface cards do not contain any security-relevant functionality. They are within the cryptographic boundary but are excluded from the evaluation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1096", "Certificate Number": "1096", "Vendor Name": "", "Module Name": "", "Module Type": "Firmware", "Validation Date": "02/24/200904/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1096.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1096", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Firmware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1095", "Certificate Number": "1095", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiWiFi-50B", "Module Type": "Hardware", "Validation Date": "03/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1095.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1095", "detail_available": true, "module_name": "FortiWiFi-50B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1094", "Certificate Number": "1094", "Vendor Name": "ERUCES, Inc.", "Module Name": "Tricryption Cryptographic Module", "Module Type": "Software", "Validation Date": "03/03/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1094.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1094", "detail_available": true, "module_name": "Tricryption Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Tricryption Cryptographic Module is a software library providing cryptographic services for ERUCES' Tricryption family of high volume encryption & key management products including key servers, file, database, executables encryption, and special services (anonymization, de-identification, & privacy protection)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1093", "Certificate Number": "1093", "Vendor Name": "Vertex Standard LMR, Inc.", "Module Name": "Vertex Standard Cryptographic Module 001", "Module Type": "Hardware", "Validation Date": "03/03/200906/05/201407/31/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1093.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1093", "detail_available": true, "module_name": "Vertex Standard Cryptographic Module 001", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Vertex Standard Cryptographic Module 001 (VSCM) is a cryptographic module (also processes digital data) that is to be incorporated into two-way digital radio products. These digital radios are for use in communication with other APCO Project 25 compatible devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1092", "Certificate Number": "1092", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "02/24/200903/06/200909/07/201003/28/201110/04/201104/02/201212/12/201201/24/201304/03/201406/27/201412/31/201402/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1092.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1092", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1091", "Certificate Number": "1091", "Vendor Name": "Kanguru Solutions", "Module Name": "KanguruLock", "Module Type": "Software", "Validation Date": "02/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1091.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1091", "detail_available": true, "module_name": "KanguruLock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kanguru Solutions is the leader in portable secure storage devices. KanguruLockaddresses security concerns and information assurance by incorporating 256-bit AES encryption technology to portable storage devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1090", "Certificate Number": "1090", "Vendor Name": "Proxim Wireless Corporation", "Module Name": "Tsunami MP.11 HS 245054_R, Tsunami MP.11 HS 245054_RC and Tsunami MP.11 HS 245054_S", "Module Type": "Hardware", "Validation Date": "02/24/200909/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1090.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1090", "detail_available": true, "module_name": "Tsunami MP.11 HS 245054_R, Tsunami MP.11 HS 245054_RC and Tsunami MP.11 HS 245054_S", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Proxim Tsunami MP.11 HS 245054_R, 245054_RC, and 245054_S wireless products offer fixed and mobile WiMAX capabilities to distribute wireless broadband access supporting video, voice, and data applications. In FIPS mode, the modules support proprietary WORP protocol for wireless transmission and serial, TLS, SSH, and SNMP for management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1089", "Certificate Number": "1089", "Vendor Name": "Motorola, Inc.", "Module Name": "RFS7000 RF Switch", "Module Type": "Hardware", "Validation Date": "02/09/200906/01/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1089.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1089", "detail_available": true, "module_name": "RFS7000 RF Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Designed for large scale, high bandwidth deployments, the RFS7000 Wireless Switch from Motorola provides robust, highly scalable support for seamless enterprise mobility. Motorola's Wi-NG architecture, optimized for enterprise mobility and multimedia applications, simplifies network deployment and management, provides superior performance, security and scalability, and supports emerging RF technologies. Built on this platform, the RFS7000 enables campus wide roaming across subnets, and offers powerful failover capabilities, exceptional quality of service (QoS) and increased voice capacity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1088", "Certificate Number": "1088", "Vendor Name": "Motorola, Inc.", "Module Name": "WS5100 Wireless Switch", "Module Type": "Hardware", "Validation Date": "02/09/200906/01/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1088.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1088", "detail_available": true, "module_name": "WS5100 Wireless Switch", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The WS5100 Wireless Switch from Motorola provides enhanced support for enterprise mobility and multimedia applications, as well as security and manageability. Based on Motorola's Wi-NG (Wireless Next Generation) architecture, the WS5100 enables seamless campus-wide roaming, more robust failover capabilities, enhanced security, improved mobile client battery life, and increased voice capacity. Robust security features includes an IPSec VPN gateway, and secure guest access provisioning. The WS5100 supports 48 802.11 a/b/g Access Ports/Points for L2/L3 adoption and mobility." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1087", "Certificate Number": "1087", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard FIPS Key Generator", "Module Type": "Software", "Validation Date": "02/09/200903/14/201208/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1087.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1087", "detail_available": true, "module_name": "Lenel OnGuard FIPS Key Generator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with [(Windows 7 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1330 operating in FIPS mode), (Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode) or (Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #382 operating in FIPS mode)]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Lenel OnGuard FIPS Key Generator module's primary purpose is to provide a cryptographically secure means for generating 128-bit AES keys to be used as Master Keys within Lenel's Communication Server module. The FIPS Key Generator module is part of the Lenel advanced access control and alarm monitoring system which is built on an open architecture platform, offers unlimited scalability, database segmentation, fault tolerance, biometrics and smart card support, is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1086", "Certificate Number": "1086", "Vendor Name": "UTC Fire & Security Americas Corporation, Inc.", "Module Name": "Lenel OnGuard Communication Server", "Module Type": "Software", "Validation Date": "02/09/200908/14/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1086.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1086", "detail_available": true, "module_name": "Lenel OnGuard Communication Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #382 operating in FIPS mode and FIPS Key Generator validated to FIPS 140-2 under Cert. #1087", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Lenel OnGuard Communication Server module's primary purpose is to provide secure communications with external access control devices. The module is part of the Lenel advanced access control and alarm monitoring system. The Lenel advanced access control and alarm monitoring system is built on an open architecture platform, offers unlimited scalability, database segmentation, fault tolerance, and biometrics and smart card support. The Lenel advanced access control and alarm monitoring system is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1085", "Certificate Number": "1085", "Vendor Name": "Gemalto and ActivIdentity Inc.", "Module Name": "SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "Module Type": "Hardware", "Validation Date": "02/03/200902/23/200902/24/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1085.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1085", "detail_available": true, "module_name": "SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Gemalto Dual Interface (Contact ISO7816 and Contactless ISO14443) Open OS Smart Card with a large (128K EEPROM) memory, with a cryptographic applet suite V 2.6.2b developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container, PKI, One Time password and Secure Messaging (SMA). The module conforms to Java Card 2.2.1, Global Platform 2.1.1 and GSC/IS 2" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1084", "Certificate Number": "1084", "Vendor Name": "NetLib®", "Module Name": "NetLib® Encryptionizer® for SQL Server", "Module Type": "Software", "Validation Date": "02/03/200906/04/200904/12/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1084.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1084", "detail_available": true, "module_name": "NetLib® Encryptionizer® for SQL Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The NetLib® Encryptionizer® for SQL Server 8.601.1 provides encryption of data stored in MS SQL Server databases and backups. It can be deployed without programming and without adding any administrative overhead. The purpose of whole database encryption is to make a database unusable if it is stolen, copied, downloaded, lost, or otherwise improperly accessed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1083", "Certificate Number": "1083", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "01/22/200901/30/200902/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1083.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1083", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1082", "Certificate Number": "1082", "Vendor Name": "Teletec Corporation", "Module Name": "\"Guardian\" Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "01/22/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1082.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1082", "detail_available": true, "module_name": "\"Guardian\" Subscriber Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "\"Guardian\" Subscriber Encryption Module (SEM) is a multi-chip embedded cryptographic module intended to be installed in conventional FM radio equipment to provide digital level of encryption with 256-bit AES cipher. Key and configuration are loaded using programming cable and specific software executed on a generic Windows personal computer. Module supports secure update of internal firmware, providing a mean for future enhancements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1081", "Certificate Number": "1081", "Vendor Name": "IBM® Corporation", "Module Name": "IBM Java JCE FIPS 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "01/22/200903/13/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1081.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1081", "detail_available": true, "module_name": "IBM Java JCE FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for Multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework that is part of all JVM's at the 1.6 level and higher." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1080", "Certificate Number": "1080", "Vendor Name": "BigFix, Inc.", "Module Name": "BigFix Cryptographic Module", "Module Type": "Software", "Validation Date": "01/07/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1080.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1080", "detail_available": true, "module_name": "BigFix Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BigFix Cryptographic Module 1.0 is a software library that runs on a wide variety of computing platforms and performs encryption, hashing, and random number generation functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1079", "Certificate Number": "1079", "Vendor Name": "Secuware", "Module Name": "Secuware Security Framework - Crypt4000 Module", "Module Type": "Software", "Validation Date": "12/24/200801/26/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1079.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1079", "detail_available": true, "module_name": "Secuware Security Framework - Crypt4000 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When obtained, built, installed, protected and initialized as assumed by the Crypto Officer role and specified in Section 8.2 of the provided Security Policy. Section 8.2 of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files shall be obtained via secure FTP. Any deviation from the specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SCM is a function library implementing crypto services which is delivered to the final user as a SW cryptographic object module, running on Windows operating system in a General Purpose Computer. The logical cryptographic boundary for the SCM is the discrete block of object code containing the machine instructions and data generated from the SCM FIPS source, which will be allocated continuously in a main memory address space, as used by the calling application.", "algorithms": [ "AES", "HMAC", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1078", "Certificate Number": "1078", "Vendor Name": "MRV Communications", "Module Name": "LX-4000T Series Console Servers", "Module Type": "Hardware", "Validation Date": "12/24/200812/11/20095/16/201305/31/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1078.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1078", "detail_available": true, "module_name": "LX-4000T Series Console Servers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The LX-4000T Series Console Servers are a key component of MRV's Out-of-Band Network solution. Out-of-Band Networks provide secure remote service port access and remote power control to devices in an organization's networks and infrastructures. This nearly eliminates the need for physical presence at a device to correct problems or manage its everyday operation. MRV's Out-of-Band Network solution includes console servers, terminal servers, device servers, remote power control and management system, making the LX Series an ideal choice for secure remote access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1077", "Certificate Number": "1077", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 200, 800, and 6000/SCII Mobility Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "12/24/200803/30/200907/29/200910/23/200910/25/201001/07/201103/14/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1077.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1077", "detail_available": true, "module_name": "Aruba 200, 800, and 6000/SCII Mobility Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system with an integrated ICSA-certified stateful firewall and hardware-based encryption, is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security standards change and new mobile services emerge, they are easily implemented at the controller and propagated throughout the enterprise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1076", "Certificate Number": "1076", "Vendor Name": "JVC KENWOOD Corporation", "Module Name": "Secure Cryptographic Module (SCM)", "Module Type": "Hardware", "Validation Date": "12/24/200801/26/200902/19/201012/07/201101/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1076.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1076", "detail_available": true, "module_name": "Secure Cryptographic Module (SCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Cryptographic Module (SCM) meets overall FIPS 140-2 Level 1 requirements providing KENWOOD radios secure and encrypted digital communication. The SCM supports 256 bit key AES encryption as well as DES encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1075", "Certificate Number": "1075", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "12/24/200803/30/200907/29/200910/23/200910/25/201001/07/201103/14/201107/19/201102/06/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1075.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1075", "detail_available": true, "module_name": "Aruba 3000 and 6000/M3 Mobility Controllers with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system completely changes how 802.11 networks are deployed, secured, and managed. The only mobile security system with an integrated ICSA-certified stateful firewall and hardware-based encryption, the Aruba mobility controller is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security stan" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1074", "Certificate Number": "1074", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Nokia VPN Appliance", "Module Type": "Hardware", "Validation Date": "12/24/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1074.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1074", "detail_available": true, "module_name": "Nokia VPN Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Nokia VPN Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1073", "Certificate Number": "1073", "Vendor Name": "Nortel Networks", "Module Name": "VPN Router 1750, 2700, 2750 and 5000 with VPN Router Security Accelerator", "Module Type": "Hardware", "Validation Date": "12/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1073.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1073", "detail_available": true, "module_name": "VPN Router 1750, 2700, 2750 and 5000 with VPN Router Security Accelerator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1072", "Certificate Number": "1072", "Vendor Name": "RELM Wireless Corporation", "Module Name": "FIPSCOM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1072.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1072", "detail_available": true, "module_name": "FIPSCOM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FIPSCOM is an embedded cryptographic module that provides encryption functions for secure digital communications products. The FIPSCOM can be incorporated into any BK Radio brand subscriber equipment requiring FIPS 140-2, Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1071", "Certificate Number": "1071", "Vendor Name": "CipherMax, Inc.", "Module Name": "CM140T", "Module Type": "Hardware", "Validation Date": "12/24/200802/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1071.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1071", "detail_available": true, "module_name": "CM140T", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CM140T provides a scalable, easy-to-manage storage security solution for tape backup in a compact 1U chassis. With support for 16 FC-port, any-to-any connectivity, storage access control, line-speed data compression, data integrity authentication, and automated key management, the CM140T delivers a complete solution for all tape-based applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1070", "Certificate Number": "1070", "Vendor Name": "CipherMax, Inc.", "Module Name": "CM180D", "Module Type": "Hardware", "Validation Date": "12/24/200802/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1070.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1070", "detail_available": true, "module_name": "CM180D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CM180D delivers a complete solution for all primary and secondary disk-based storage application, with in-line encryption processing, discrete security administration controls, and a comprehensive, automated key management system. The integration of powerful encryption processing and high port count, any-to-any connectivity allows for CM180D to deliver an enormous amount of functionality with far less consumption space, power, and cooling than first generation in-line encryption appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1069", "Certificate Number": "1069", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "12/09/200812/11/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1069.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1069", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1068", "Certificate Number": "1068", "Vendor Name": "Nortel Networks", "Module Name": "VPN Router 1750, 2700, 2750 and 5000 with Hardware Accelerator", "Module Type": "Hardware", "Validation Date": "12/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1068.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1068", "detail_available": true, "module_name": "VPN Router 1750, 2700, 2750 and 5000 with Hardware Accelerator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1067", "Certificate Number": "1067", "Vendor Name": "Nortel Networks", "Module Name": "Nortel VPN Router 1010, 1050 and 1100", "Module Type": "Hardware", "Validation Date": "12/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1067.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1067", "detail_available": true, "module_name": "Nortel VPN Router 1010, 1050 and 1100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 1 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1066", "Certificate Number": "1066", "Vendor Name": "Nortel Networks", "Module Name": "Nortel VPN Router 600, 1750, 2700, 2750 and 5000", "Module Type": "Hardware", "Validation Date": "12/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1066.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1066", "detail_available": true, "module_name": "Nortel VPN Router 600, 1750, 2700, 2750 and 5000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1065", "Certificate Number": "1065", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "Module Type": "Hardware", "Validation Date": "12/15/200808/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1065.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1065", "detail_available": true, "module_name": "nShield F2 6000e, nShield F2 1500e, nShield F2 500e and nShield F2 10e", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F2 6000e, Shield F2 1500e, nShield F2 500e, and nShield 10e family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1064", "Certificate Number": "1064", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for\nnShield Connect [5], nShield F3 1500e for nShield\nConnect [6] and nShield F3 500e for nShield Connect [7]", "Module Type": "Hardware", "Validation Date": "12/15/200808/28/200901/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1064.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1064", "detail_available": true, "module_name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 6000e, Shield F3 1500e, nShield F3 500e, and nShield 10e family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1063", "Certificate Number": "1063", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for\nnShield Connect [5], nShield F3 1500e for nShield\nConnect [6] and nShield F3 500e for nShield Connect [7]", "Module Type": "Hardware", "Validation Date": "12/15/200808/28/200901/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1063.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1063", "detail_available": true, "module_name": "nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 6000e, Shield F3 1500e, nShield F3 500e, and nShield 10e family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1062", "Certificate Number": "1062", "Vendor Name": "BeCrypt Limited", "Module Name": "BeCrypt DISK Protect", "Module Type": "Software", "Validation Date": "12/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1062.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1062", "detail_available": true, "module_name": "BeCrypt DISK Protect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BeCrypt DISK Protect is a full-disk encryption product that provides up to three layers of security: full disk encryption, strong pre-boot authentication, and optional removable media encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1061", "Certificate Number": "1061", "Vendor Name": "Sybase iAnywhere, A subsidiary of Sybase", "Module Name": "DISK Protect for Afaria Security Manager", "Module Type": "Software", "Validation Date": "12/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1061.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1061", "detail_available": true, "module_name": "DISK Protect for Afaria Security Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DISK Protect for Afaria Security Manager is a full-disk encryption product that provides up to three layers of security: full disk encryption, strong pre-boot authentication, and optional removable media encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1060", "Certificate Number": "1060", "Vendor Name": "Secured User Inc.", "Module Name": "SUSK Security Module", "Module Type": "Software", "Validation Date": "12/01/200812/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1060.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1060", "detail_available": true, "module_name": "SUSK Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SUSK Security Module is a software-based cryptographic module. Secured UserÆs product performs all of its work by transparently intercepting and transforming the data stream between entities. All of the cryptographic functionalities of the Secured User product are provided by the central shared library, SUSK Security Module. The cryptographic module offers Transport Layer Security (TLS) services along with bulk encryption and hashing services exclusively to Secured User application. This application is considered as host application to the module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1059", "Certificate Number": "1059", "Vendor Name": "ViaSat UK Ltd.", "Module Name": "PICOfreedom", "Module Type": "Hardware", "Validation Date": "12/01/200807/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1059.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1059", "detail_available": true, "module_name": "PICOfreedom", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The PICOfreedom provides FIPS 140-2 Approved security functionality to DiskOnKey USB flash drives. The PICOfreedom employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on FLASH memory. The module is a multi-chip standalone cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1058", "Certificate Number": "1058", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition", "Module Type": "Software", "Validation Date": "12/01/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1058.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1058", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1057", "Certificate Number": "1057", "Vendor Name": "Vormetric, Inc.", "Module Name": "NetBackup Media Server Encryption Option (MSEO) Driver", "Module Type": "Software", "Validation Date": "11/25/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1057.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1057", "detail_available": true, "module_name": "NetBackup Media Server Encryption Option (MSEO) Driver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The \"Powered by Vormetric\", NetBackup Media Server Encryption Option (MSEO) product from Symantec, provides a cost-effective, easy to manage data encryption solution for securing enterprise backup tapes. It is based on robust encryption methods and provides a centralized approach for the encryption process and key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1056", "Certificate Number": "1056", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "11/25/200803/06/200910/02/200912/08/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1056.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1056", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1055", "Certificate Number": "1055", "Vendor Name": "Keycorp Limited", "Module Name": "Keycorp MULTOS I4F 80K with MULTOS PIV Card Application", "Module Type": "Hardware", "Validation Date": "11/25/200805/28/201002/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1055.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1055", "detail_available": true, "module_name": "Keycorp MULTOS I4F 80K with MULTOS PIV Card Application", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Keycorp MULTOS I4F 80K Smart Card with MULTOS PIV Card Application can be employed in a wide range of solutions. The smart card provides a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Combined with the PIV Card Application it provides enhanced I&A functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1054", "Certificate Number": "1054", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker™ Drive Encryption", "Module Type": "Software", "Validation Date": "11/25/200807/29/200901/20/201110/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1054.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1054", "detail_available": true, "module_name": "BitLocker™ Drive Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Kernel Mode Security Support Provider Interface and Microsoft Windows Cryptographic Primitives Library (Bcrypt.dll) validated to FIPS 140-2 under Cert. #1007 and Cert. #1008 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Windows BitLocker Drive Encryption is a data protection feature available in Windows Vista Enterprise and Windows Vista Ultimate for client computers. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1053", "Certificate Number": "1053", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker™ Drive Encryption", "Module Type": "Software", "Validation Date": "11/25/200807/29/200905/28/201010/04/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1053.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1053", "detail_available": true, "module_name": "BitLocker™ Drive Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Kernel Mode Security Support Provider Interface and Microsoft Windows Cryptographic Primitives Library (Bcrypt.dll) validated to FIPS 140-2 under Cert. #1000 and Cert. #1001 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Windows BitLocker Drive Encryption is a data protection feature available in Windows Vista Enterprise and Windows Vista Ultimate for client computers. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1052", "Certificate Number": "1052", "Vendor Name": "Gemalto", "Module Name": "TOP IM CY2 with ACS PKI applet (formerly Cyberflex Access 64K V2 with PKI applets)", "Module Type": "Hardware", "Validation Date": "11/17/200811/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1052.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1052", "detail_available": true, "module_name": "TOP IM CY2 with ACS PKI applet (formerly Cyberflex Access 64K V2 with PKI applets)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cyberflex Access 64K V2 with PKI applets provides secure PKI (public key infrastructure) and digital signature technology. Cyberflex Access 64K V2 serves as a highly portable, secure device for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 64K V2 supports on-card Triple-DES, AES and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The Cyberflex Access 64K V2 smart card fits well into physical and logical access, e-transactions and other applications.", "algorithms": [ "AES", "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1051", "Certificate Number": "1051", "Vendor Name": "Open Source Software Institute", "Module Name": "OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "11/17/200811/20/200912/08/201005/12/201103/07/201203/14/201205/29/201206/21/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1051.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1051", "detail_available": true, "module_name": "OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 2.3 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from www.openssl.org/source/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1050", "Certificate Number": "1050", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Crypto Accelerator 6000", "Module Type": "Hardware", "Validation Date": "11/04/200812/17/200805/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1050.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1050", "detail_available": true, "module_name": "Sun Crypto Accelerator 6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SCA-6000 is a high performance hardware security module for Sun SPARC, x86, x64 platforms in a lowprofile, short PCI-E (X8) card. Supported on Linux and Solaris-10, it provides on-board cryptographic acceleration hardware and key store. It supports remote management with serial and USB ports for local administration. It enhances performance by off-loading compute intensive cryptographic calculations, accelerating IPsec and SSL processing and performs many financial service functions. The SCA6000 performs primary cryptographic functions for the Sun KMS 2.X Key Management System." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1049", "Certificate Number": "1049", "Vendor Name": "PGP Corporation", "Module Name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "Module Type": "Software", "Validation Date": "10/27/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1049.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1049", "detail_available": true, "module_name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1048", "Certificate Number": "1048", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JCE Provider Module", "Module Type": "Software", "Validation Date": "10/27/200801/26/200909/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1048.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1048", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JCE Provider Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1047", "Certificate Number": "1047", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J Software Module", "Module Type": "Software", "Validation Date": "10/27/200801/26/200909/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1047.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1047", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1046", "Certificate Number": "1046", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Wireless Access Bridge (SWAB) ES520", "Module Type": "Hardware", "Validation Date": "12/08/200807/09/200907/28/200903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1046.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1046", "detail_available": true, "module_name": "Fortress Secure Wireless Access Bridge (SWAB) ES520", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Wireless Access Bridge is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1045", "Certificate Number": "1045", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HiPKI SafGuard 1000 HSM", "Module Type": "Hardware", "Validation Date": "10/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1045.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1045", "detail_available": true, "module_name": "HiPKI SafGuard 1000 HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Hi PKI SafGuard 1000 HSM is a multi-chip standalone cryptographic module that is used to provide highly-secure cryptographic services and key storage for PKI applications. (e.g., secure private key storage, high-speed math accelerator for 1024-2048 bit public key signatures, and hashing). The HiPKI SafGuard 1000 HSM provides secure identity-based challenge-response authentication using smart cards and data encryption using FIPS approved Triple-DES and AES encryption.", "algorithms": [ "AES", "DES", "RSA", "SHA", "SHS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1044", "Certificate Number": "1044", "Vendor Name": "Gemalto", "Module Name": "Protiva PIV Applet v1.55 on Protiva TOP DL Card", "Module Type": "Hardware", "Validation Date": "10/15/200802/23/200906/09/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1044.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1044", "detail_available": true, "module_name": "Protiva PIV Applet v1.55 on Protiva TOP DL Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java platform (GemCombiXpresso R4) with 144K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. Module Ref# A1005963 - Card Ref# M1002255." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1043", "Certificate Number": "1043", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Entelligence™ Kernel-Mode Cryptomodule", "Module Type": "Software", "Validation Date": "10/15/200805/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1043.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1043", "detail_available": true, "module_name": "Entrust Entelligence™ Kernel-Mode Cryptomodule", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Entrust Entelligence Kernel-Mode Cryptomodule is a software module that implements AES encryption and decryption functions suitable for use in kernel-mode drivers on Windows platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1042", "Certificate Number": "1042", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet HighAssurance 4000 Gateway", "Module Type": "Hardware", "Validation Date": "10/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1042.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1042", "detail_available": true, "module_name": "SafeNet HighAssurance 4000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet HighAssurance 4000 Gateway is a high performance, integrated security appliance that offers Gigabit IPSec encryption. Housed in a tamper evident chassis, have two gigabit ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1041", "Certificate Number": "1041", "Vendor Name": "Optica Technologies Incorporated", "Module Name": "Optica Technologies Eclipz ESCON Tape Encryptor", "Module Type": "Hardware", "Validation Date": "10/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1041.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1041", "detail_available": true, "module_name": "Optica Technologies Eclipz ESCON Tape Encryptor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Optica Technologies Eclipz ESCON Tape Encryptor is an inline encryption appliance that directly integrates hardware accelerated encryption into native ESCON channels. It provides fully transparent, high performance data encryption for legacy ESCON tape systems. Eclipz preserves legacy ESCON tape device investments and interoperates with leading appliance-based key management solutions. . It supports 4 ESCON channels within a single appliance. The encryptor provides encryption for tape backup and recovery operations, and tape-based information sharing with business partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1040", "Certificate Number": "1040", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3825 and Cisco 3845 Integrated Services Routers", "Module Type": "Hardware", "Validation Date": "10/14/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1040.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1040", "detail_available": true, "module_name": "Cisco 3825 and Cisco 3845 Integrated Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to T3 connection. The Cisco 3800 Series routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1039", "Certificate Number": "1039", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2851 Integrated Services Router", "Module Type": "Hardware", "Validation Date": "10/14/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1039.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1039", "detail_available": true, "module_name": "Cisco 2851 Integrated Services Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1038", "Certificate Number": "1038", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2811 and Cisco 2821 Integrated Services Routers", "Module Type": "Hardware", "Validation Date": "10/14/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1038.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1038", "detail_available": true, "module_name": "Cisco 2811 and Cisco 2821 Integrated Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1037", "Certificate Number": "1037", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1841 and Cisco 2801 Integrated Services Routers", "Module Type": "Hardware", "Validation Date": "10/14/200808/28/200910/23/200905/28/201006/07/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1037.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1037", "detail_available": true, "module_name": "Cisco 1841 and Cisco 2801 Integrated Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident labels installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1841 and 2801 routers feature the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. These routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1036", "Certificate Number": "1036", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1841 Integrated Services Routers with AIM-VPN/BPII-Plus and Cisco 2801 Integrated Services Routers with AIM-VPN/EPII-Plus", "Module Type": "Hardware", "Validation Date": "10/14/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1036.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1036", "detail_available": true, "module_name": "Cisco 1841 Integrated Services Routers with AIM-VPN/BPII-Plus and Cisco 2801 Integrated Services Routers with AIM-VPN/EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1841 and 2801 routers feature the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. These routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 1841 and 2801 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/BPII-Plus and AIM-VPN/EPII-Plus)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1035", "Certificate Number": "1035", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2811 and Cisco 2821 Integrated Services Routers with AIM-VPN/EPII-Plus", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1035.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1035", "detail_available": true, "module_name": "Cisco 2811 and Cisco 2821 Integrated Services Routers with AIM-VPN/EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 2811 and 2821 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/EPII-Plus)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1034", "Certificate Number": "1034", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2851 Integrated Services Router with AIM-VPN/EPII-Plus", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1034.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1034", "detail_available": true, "module_name": "Cisco 2851 Integrated Services Router with AIM-VPN/EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 2851 router features the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/EPII-Plus)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1033", "Certificate Number": "1033", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3825 Integrated Services Routers with AIM-VPN/EPII-Plus and Cisco 3845 Integrated Services Routers with AIM-VPN/HPII-Plus", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1033.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1033", "detail_available": true, "module_name": "Cisco 3825 Integrated Services Routers with AIM-VPN/EPII-Plus and Cisco 3845 Integrated Services Routers with AIM-VPN/HPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to T3 connection. The Cisco 3800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 3825 and 3845 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/EPII-Plus and AIM-VPN/HPII-Plus)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1032", "Certificate Number": "1032", "Vendor Name": "Nortel Networks", "Module Name": "VPN Client Software", "Module Type": "Software", "Validation Date": "10/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1032.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1032", "detail_available": true, "module_name": "VPN Client Software", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft® Enhanced Cryptographic Provider validated to FIPS 140-1 under Cert. #238 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Contivity VPN Client provides stable, secure network access via Nortel VPN routers and VPN gateways. The client can be preconfigured and customized by IT administrators for quick install and connect, or easily configured by end users via the connection wizard. The VPN client works over all IP infrastructures including all wireless, broadband, and satellite services. The VPN client also supports seamless roaming, enabling a user to roam wirelessly without losing the virtual connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1031", "Certificate Number": "1031", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1841 with AIM-VPN/SSL-1 and Cisco 2801 with AIM-VPN/SSL-2 Integrated Services Routers", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1031.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1031", "detail_available": true, "module_name": "Cisco 1841 with AIM-VPN/SSL-1 and Cisco 2801 with AIM-VPN/SSL-2 Integrated Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1841 and 2801 routers feature the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. These routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 1841 and 2801 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/SSL-1 and AIM-VPN/SSL-2)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1030", "Certificate Number": "1030", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2811 and Cisco 2821 Integrated Services Routers with AIM-VPN/SSL-2", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1030.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1030", "detail_available": true, "module_name": "Cisco 2811 and Cisco 2821 Integrated Services Routers with AIM-VPN/SSL-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 2811 and 2821 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/SSL-2)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1029", "Certificate Number": "1029", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3825 and Cisco 3845 Integrated Services Routers with AIM-VPN/SSL-3", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1029.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1029", "detail_available": true, "module_name": "Cisco 3825 and Cisco 3845 Integrated Services Routers with AIM-VPN/SSL-3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to T3 connection. The Cisco 3800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 3825 and 3845 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/SSL-3)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1028", "Certificate Number": "1028", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2851 Integrated Services Router with AIM-VPN/SSL-2", "Module Type": "Hardware", "Validation Date": "10/07/200808/28/200910/23/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1028.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1028", "detail_available": true, "module_name": "Cisco 2851 Integrated Services Router with AIM-VPN/SSL-2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 2851 router features the ability to optionally add encryption acceleration advanced integration modules (AIM-VPN/SSL-2)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1027", "Certificate Number": "1027", "Vendor Name": "Attachmate Corporation", "Module Name": "Attachmate Cryptographic Module", "Module Type": "Software", "Validation Date": "10/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1027.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1027", "detail_available": true, "module_name": "Attachmate Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Attachmate Crypto Module is used in a range of solutions from Attachmate, provider of host connectivity, secure communications and systems and security management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1026", "Certificate Number": "1026", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Crypto Accelerator 6000", "Module Type": "Hardware", "Validation Date": "10/07/200812/17/200805/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1026.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1026", "detail_available": true, "module_name": "Sun Crypto Accelerator 6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sun Cryptographic Accelerator 6000 (SCA-6000) is a high performance hardware security module for Sun platforms (SPARC, x86, x64). It is a low-profile, short PCI-E (X8) card consisting of on-board cryptographic acceleration hardware and a secure cryptographic key store. SCA-6000 supports remote management functions. It has serial and USB ports for local administration. It enhances platform performance by off-loading compute intensive cryptographic calculations by accelerating both IPsec and SSL processing, and by performing many financial service functions. Supported on Linux and Solaris-10" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1025", "Certificate Number": "1025", "Vendor Name": "BeCrypt Limited", "Module Name": "BeCrypt Cryptographic Library", "Module Type": "Software", "Validation Date": "10/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1025.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1025", "detail_available": true, "module_name": "BeCrypt Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BeCrypt Cryptographic Library provides core cryptographic functionality for BeCrypt's Enterprise security products including a range of market leading disk encryption, media encryption and data protection products. The cryptographic library provides a capability to develop complex and flexible security applications that require cryptographic functionality in both pre-OS and 32 bit operating environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1024", "Certificate Number": "1024", "Vendor Name": "Inter-4, A Division of Sierra Nevada Corporation", "Module Name": "STS Secure for Linux", "Module Type": "Software", "Validation Date": "09/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1024.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1024", "detail_available": true, "module_name": "STS Secure for Linux", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Linux is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA), Key Generator Application, and the AES NetFilter Driver, that runs on a general purpose computer. It is the basis for Inter-4's TACTI-NET networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless and/or wired traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1023", "Certificate Number": "1023", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-525A-3, 3e-525A-3 BASIC, 3e-525A-3 BASIC with TEC, 3e-525A-3MP, 3e-525A-3MP with TEC, 3e-525V-3, 3e-525Ve-3 and 3e-525Ve-4 AirGuard™ Wireless Access Points", "Module Type": "Hardware", "Validation Date": "09/24/200812/09/200802/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1023.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1023", "detail_available": true, "module_name": "3e-525A-3, 3e-525A-3 BASIC, 3e-525A-3 BASIC with TEC, 3e-525A-3MP, 3e-525A-3MP with TEC, 3e-525V-3, 3e-525Ve-3 and 3e-525Ve-4 AirGuard™ Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirGuard™ model 525A-3 and model 525V-3/4 Wireless Access Points are packaged in rugged IP 66 weatherproof enclosure and conforms to 802.11a/b/g wireless standards. They provide access point, gateway, bridge/repeater, and mesh networking for wireless applications. In access point or gateway mode, the 525A-3 can establish links to laptops, PDAs and other wireless devices at data rates from 11 Mbps up to 108 Mbps. The 525V-3/4 incorporates an extra video module to provide capability for remote video surveillance and camera control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1022", "Certificate Number": "1022", "Vendor Name": "Imation Corp.", "Module Name": "Outbacker MXP", "Module Type": "Hardware", "Validation Date": "09/10/200802/24/200905/31/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1022.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1022", "detail_available": true, "module_name": "Outbacker MXP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Outbacker MXP is a USB Portable Security Device with authentication and cryptographic services. It provides up to 320 gigabytes of encrypted portable storage and digital identity operations for enterprise security and user authentication via biometric and password." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1021", "Certificate Number": "1021", "Vendor Name": "CoCo Communications", "Module Name": "The CoCo Crypto Module", "Module Type": "Software", "Validation Date": "09/02/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1021.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1021", "detail_available": true, "module_name": "The CoCo Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CoCo Crypto Module provides cryptographic services for the core components of CoCo Communications' tactical and military product lines. With the CoCo Crypto Module, users of CoCo's mobile digital network systems can be assured that their communications are safe from spoofing, eavesdropping, and other forms of information attack. As used within the CoCo Communications product suite, the CoCo Crypto module is interchangeable with the OpenSSL DLL, allowing for easy deployment-time transition to suit the needs of the problem domain." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1020", "Certificate Number": "1020", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 200, 800 and 6000 Mobility Controller with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "09/02/200810/16/200803/19/200902/12/201009/07/201003/14/201106/09/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1020.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1020", "detail_available": true, "module_name": "Aruba 200, 800 and 6000 Mobility Controller with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system with an integrated ICSA-certified stateful firewall and hardware-based encryption, is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security standards change and new mobile services emerge, they are easily implemented at the controller and propagated throughout the enterprise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1019", "Certificate Number": "1019", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 200, 800 and 6000 Mobility Controller with ArubaOS FIPS Firmware", "Module Type": "Hardware", "Validation Date": "09/02/200812/15/200803/14/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1019.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1019", "detail_available": true, "module_name": "Aruba 200, 800 and 6000 Mobility Controller with ArubaOS FIPS Firmware", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system with an integrated ICSA-certified stateful firewall and hardware-based encryption, is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security standards change and new mobile services emerge, they are easily implemented at the controller and propagated throughout the enterprise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1018", "Certificate Number": "1018", "Vendor Name": "Inter-4, A Division of Sierra Nevada Corporation", "Module Name": "STS Secure for Windows XP, Embedded XP", "Module Type": "Software", "Validation Date": "09/02/200812/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1018.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1018", "detail_available": true, "module_name": "STS Secure for Windows XP, Embedded XP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Windows XP, Embedded XP is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA), Key Generator Application, and the AES NDIS Filter Driver, that runs on a general purpose computer. It is the basis for Inter-4's Tactinet networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless/wired traffic. In addition to data in transit (DIT), file based encryption protects files transferred to/from the platform via external USB drives." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1017", "Certificate Number": "1017", "Vendor Name": "Inter-4, A Division of Sierra Nevada Corporation", "Module Name": "STS Secure for Windows CE", "Module Type": "Software", "Validation Date": "09/02/200812/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1017.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1017", "detail_available": true, "module_name": "STS Secure for Windows CE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Windows CE is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA) & AES NDIS Filter Driver, that runs on a general purpose computer. It is the basis for Inter-4's Tactinet networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless/wired traffic. In addition to data in transit (DIT), file based encryption protects files tranferred to/from the platform via external USB drives, and sensitive data at rest (DAR) stored internally is also encrypted and zeroizable." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1016", "Certificate Number": "1016", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Secure Services Client FIPS Module", "Module Type": "Software", "Validation Date": "08/22/200808/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1016.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1016", "detail_available": true, "module_name": "Cisco Secure Services Client FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Services Client FIPS Module is a self contained crypto module that supports IEEE 802.11i (WPA2) key exchange and IEEE 802.1X wired and wireless authentication. The module provides cryptographic support for 802.1X EAP types such as EAP-TLS, EAP-FAST and PEAP as well as WPA2-PSK (Pre-shared key)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1015", "Certificate Number": "1015", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark Encryption Plug-In", "Module Type": "Software", "Validation Date": "08/22/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1015.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1015", "detail_available": true, "module_name": "Lexmark Encryption Plug-In", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A secure rendering plug-in that provides AES encryption of print data from the host through a print server with the AES encrypted data continuing on to a Lexmark decryption-enabled device. The rendering plug-in uses the Lexmark device's public key such that only the target device will be able to decrypt the data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1014", "Certificate Number": "1014", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola Network Router (MNR) S2500", "Module Type": "Hardware", "Validation Date": "08/22/200801/26/200907/28/200912/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1014.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1014", "detail_available": true, "module_name": "Motorola Network Router (MNR) S2500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MNR S2500 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S2500 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S2500 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1013", "Certificate Number": "1013", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola Network Router (MNR) S6000", "Module Type": "Hardware", "Validation Date": "08/22/200801/26/200907/28/200912/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1013.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1013", "detail_available": true, "module_name": "Motorola Network Router (MNR) S6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "MNR S6000 routers are versatile, secure-capable devices that can ensure timely delivery of delay-sensitive traffic. Supporting secure integrated voice and data applications as well as high-speed site-to-site WAN connections, S6000 routers perform simultaneous functions - including compression and data prioritization - without compromising their ability to accomplish additional packet-handling functions as needed. In addition to the normal routing functions, the MNR S6000 supports data encryption and authentication over Ethernet and Frame Relay links using the IPSec and FRF.17 protocols." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1012", "Certificate Number": "1012", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "08/22/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1012.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1012", "detail_available": true, "module_name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced Cryptographic Provider is a FIPS 140-2 compliant, software-based, cryptographic module.RSAENH encapsulates several different cryptographic algorithms (including SHA-1, 3DES, AES, RSA, HMAC) in a cryptographic module accessible via the Microsoft CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1011", "Certificate Number": "1011", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Revenector2008", "Module Type": "Hardware", "Validation Date": "08/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1011.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1011", "detail_available": true, "module_name": "Revenector2008", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Revenector2008 is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of the Revenector2008 is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010", "Certificate Number": "1010", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "08/15/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1010.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010", "detail_available": true, "module_name": "Windows Server 2008 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1006 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009", "Certificate Number": "1009", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "08/15/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1009.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009", "detail_available": true, "module_name": "Windows Server 2008 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1006 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008", "Certificate Number": "1008", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Server 2008 Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "08/15/200807/24/200909/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1008.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008", "detail_available": true, "module_name": "Microsoft Windows Server 2008 Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1006 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista. The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007", "Certificate Number": "1007", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Server 2008 Kernel Mode Security Support Provider Interface (ksecdd.sys)", "Module Type": "Software", "Validation Date": "08/15/200802/23/200907/30/200910/16/200902/09/201209/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1007.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007", "detail_available": true, "module_name": "Microsoft Windows Server 2008 Kernel Mode Security Support Provider Interface (ksecdd.sys)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Server 2008 OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1005 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006", "Certificate Number": "1006", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 Code Integrity (ci.dll)", "Module Type": "Software", "Validation Date": "08/15/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1006.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006", "detail_available": true, "module_name": "Windows Server 2008 Code Integrity (ci.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1005 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005", "Certificate Number": "1005", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 Winload OS Loader (winload.exe)", "Module Type": "Software", "Validation Date": "08/15/200807/24/200901/20/201110/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1005.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005", "detail_available": true, "module_name": "Windows Server 2008 Winload OS Loader (winload.exe)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #1004 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004", "Certificate Number": "1004", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2008 Boot Manager (bootmgr)", "Module Type": "Software", "Validation Date": "08/15/200807/24/200901/20/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1004.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004", "detail_available": true, "module_name": "Windows Server 2008 Boot Manager (bootmgr)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003", "Certificate Number": "1003", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "08/15/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1003.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003", "detail_available": true, "module_name": "Windows Vista Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #980 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002", "Certificate Number": "1002", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "08/15/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002", "detail_available": true, "module_name": "Windows Vista Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #980 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001", "Certificate Number": "1001", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Vista Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "08/15/200807/24/200909/06/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1001.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001", "detail_available": true, "module_name": "Microsoft Windows Vista Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #980 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista. The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000", "Certificate Number": "1000", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Vista Kernel Mode Security Support Provider Interface (ksecdd.sys)", "Module Type": "Software", "Validation Date": "08/15/200807/24/200910/16/200902/09/201209/27/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1000.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000", "detail_available": true, "module_name": "Microsoft Windows Vista Kernel Mode Security Support Provider Interface (ksecdd.sys)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Windows Vista OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #979 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/999", "Certificate Number": "999", "Vendor Name": "Hewlett Packard®, Enterprise", "Module Name": "HP StorageWorks Secure Key Manager", "Module Type": "Hardware", "Validation Date": "08/15/200809/19/201101/25/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp999.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/999", "detail_available": true, "module_name": "HP StorageWorks Secure Key Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HP Secure Key Manager automates encryption key generation and management based on security policies. It is a hardened security appliance delivering identity-based access, administration and logging. Additionally, the Secure Key Manager provides reliable lifetime key archival with automatic multi-site key replication and failover capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/998", "Certificate Number": "998", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E7500", "Module Type": "Hardware", "Validation Date": "08/15/200804/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp998.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/998", "detail_available": true, "module_name": "NSA E7500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL E-Class Network Security Appliance (NSA) series is engineered to meet the needs of the expanding enterprise network by providing a high performance, scalable, multifunction threat prevention appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997", "Certificate Number": "997", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows XP Kernel Mode Cryptographic Module (FIPS.SYS)", "Module Type": "Software", "Validation Date": "08/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp997.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997", "detail_available": true, "module_name": "Microsoft Windows XP Kernel Mode Cryptographic Module (FIPS.SYS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "FIPS.sys is a general-purpose, software-based, cryptographic module residing at the Kernel level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/996", "Certificate Number": "996", "Vendor Name": "Alcatel-Lucent", "Module Name": "Alcatel-Lucent VPN Firewall Bricks® 150, 700 AC and 700 DC", "Module Type": "Hardware", "Validation Date": "08/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp996.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/996", "detail_available": true, "module_name": "Alcatel-Lucent VPN Firewall Bricks® 150, 700 AC and 700 DC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Alcatel-Lucent VPN Firewall Brick portfolio offers a broad range of enterprise-class security solutions to protect corporate networks and deliver mission-critical IP applications to headquarters, branch offices, trading partners, road warriors and customers. The Alcatel- Lucent VPN Firewall Brick solution provides simplified management - unique client/server design, centralized staging, real-time monitoring and \"no-touch\" management of all VPN, security and service quality assurance capabilities via the scalable, proven Lucent Security Management Server system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/995", "Certificate Number": "995", "Vendor Name": "Alcatel-Lucent", "Module Name": "Alcatel-Lucent VPN Firewall Brick® 1200", "Module Type": "Hardware", "Validation Date": "08/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp995.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/995", "detail_available": true, "module_name": "Alcatel-Lucent VPN Firewall Brick® 1200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Alcatel-Lucent VPN Firewall Brick portfolio offers a broad range of enterprise-class security solutions to protect corporate networks and deliver mission-critical IP applications to headquarters, branch offices, trading partners, road warriors and customers. The Alcatel- Lucent VPN Firewall Brick solution provides simplified management - unique client/server design, centralized staging, real-time monitoring and \"no-touch\" management of all VPN, security and service quality assurance capabilities via the scalable, proven Lucent Security Management Server system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/994", "Certificate Number": "994", "Vendor Name": "Alcatel-Lucent", "Module Name": "Alcatel-Lucent VPN Firewall Brick® 50", "Module Type": "Hardware", "Validation Date": "08/15/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp994.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/994", "detail_available": true, "module_name": "Alcatel-Lucent VPN Firewall Brick® 50", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Alcatel-Lucent VPN Firewall Brick portfolio offers a broad range of enterprise-class security solutions to protect corporate networks and deliver mission-critical IP applications to headquarters, branch offices, trading partners, road warriors and customers. The Alcatel- Lucent VPN Firewall Brick solution provides simplified management - unique client/server design, centralized staging, real-time monitoring and \"no-touch\" management of all VPN, security and service quality assurance capabilities via the scalable, proven Lucent Security Management Server system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/993", "Certificate Number": "993", "Vendor Name": "Oracle Corporation", "Module Name": "Key Token", "Module Type": "Hardware", "Validation Date": "11/06/200805/05/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp993.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/993", "detail_available": true, "module_name": "Key Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Key Token is a part of the larger Encrypted Data-At-Rest Solution (EDRS). The primary purpose for this device is to provide secure key storage and key transport between the two other EDRS components. The additional two components that the EDRS includes are the Key Management Station (KMS) and the Encrypting Tape Drive (ETD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/992", "Certificate Number": "992", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 4500, NSA 5000 and NSA E5500", "Module Type": "Hardware", "Validation Date": "08/15/200804/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp992.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/992", "detail_available": true, "module_name": "NSA 4500, NSA 5000 and NSA E5500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL E-Class Network Security Appliance (NSA) series is engineered to meet the needs of the expanding enterprise network by providing a high performance, scalable, multifunction threat prevention appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/991", "Certificate Number": "991", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "Athena IDProtect Duo PIV", "Module Type": "Hardware", "Validation Date": "08/15/200804/12/201302/06/201405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp991.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/991", "detail_available": true, "module_name": "Athena IDProtect Duo PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Athena IDProtect Duo PIV cryptographic module is compliant with FIPS 201 as an end point compliant card. The PIV application is hosted by the Athena IDProtect dual interface smart card operating system compliant with the Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and FIPS 140-2 Level 2 (Level 4 for Physical Security). IDProtect supports FIPS Approved Random Number Generator, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits including on board key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990", "Certificate Number": "990", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows XP Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "07/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp990.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990", "detail_available": true, "module_name": "Windows XP Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider, designed for FIPS 140-2 compliance, is a software-based, cryptographic module. DSSENH encapsulates several different cryptographic algorithms (including SHA-1, DES, TDES, DSA) in a cryptographic module accessible via the Microsoft CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989", "Certificate Number": "989", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows XP Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "07/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp989.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989", "detail_available": true, "module_name": "Windows XP Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced Cryptographic Provider, designed for FIPS 140-2 compliance, is a software-based, cryptographic module. RSAENH encapsulates several different cryptographic algorithms (including SHS, DES, TDES, AES, RSA, HMAC) in a cryptographic module accessible via the Microsoft CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/988", "Certificate Number": "988", "Vendor Name": "Imation Corp.", "Module Name": "Stealth MXP Passport", "Module Type": "Hardware", "Validation Date": "07/24/200808/22/200805/31/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp988.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/988", "detail_available": true, "module_name": "Stealth MXP Passport", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Stealth MXP Passport is a USB mass storage device which implements hardware encryption dependant on user authentication. It provides not only secure encrypted storage, but management of digital identity credentials used for authentication and verification to enterprise and personal services" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/987", "Certificate Number": "987", "Vendor Name": "Imation Corp.", "Module Name": "Stealth MXP", "Module Type": "Hardware", "Validation Date": "07/24/200808/22/200805/31/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp987.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/987", "detail_available": true, "module_name": "Stealth MXP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Stealth MXP is a USB mass storage device which implements hardware encryption dependant on user authentication. It provides not only secure encrypted storage, but management of digital identity credentials used for authentication and verification to enterprise and personal services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/986", "Certificate Number": "986", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "07/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp986.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/986", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/985", "Certificate Number": "985", "Vendor Name": "Route1® Inc.", "Module Name": "Route1® FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "07/17/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp985.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/985", "detail_available": true, "module_name": "Route1® FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Route1 FIPS Cryptographic Module lies at the core of Route1®'s MobiNET™ a communications and service delivery platform focused on identity management and entitlement-based access to systems and resources. MobiNET™services are delivered on a number of digital form factors, such as mobile phones, handheld devices and Route1 MobiKEY™ an ultra-portable, smart-card enabled USB device. The Route1 FIPS Cryptographic Module's functionality includes a wide range of data encryption and asymmetric algorithms including AES, the RSA Public Key Cryptosystem, DSA, and the SHA family of message digests." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/984", "Certificate Number": "984", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA 3500", "Module Type": "Hardware", "Validation Date": "07/17/200804/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp984.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/984", "detail_available": true, "module_name": "NSA 3500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL E-Class Network Security Appliance (NSA) series is engineered to meet the needs of the expanding enterprise network by providing a high performance, scalable, multifunction threat prevention appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/983", "Certificate Number": "983", "Vendor Name": "Dell Software, Inc.", "Module Name": "NSA E6500", "Module Type": "Hardware", "Validation Date": "07/17/200804/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp983.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/983", "detail_available": true, "module_name": "NSA E6500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dell SonicWALL E-Class Network Security Appliance (NSA) series is engineered to meet the needs of the expanding enterprise network by providing a high performance, scalable, multifunction threat prevention appliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/982", "Certificate Number": "982", "Vendor Name": "Dell Software, Inc.", "Module Name": "TZ 180, TZ 180W, TZ 190 and TZ 190W", "Module Type": "Hardware", "Validation Date": "07/17/200804/21/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp982.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/982", "detail_available": true, "module_name": "TZ 180, TZ 180W, TZ 190 and TZ 190W", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Dell SonicWALL's TZ Series is a high performance security platform that combines a deep packet inspection firewall, anti-virus, anti-spyware, intrusion prevention, content filtering, optional modular modem backup, and optional 802.11 b/g WLAN. These solutions allow small, remote, and branch offices to implement protection from the wide spectrum of emerging network threats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/981", "Certificate Number": "981", "Vendor Name": "FRAMA AG", "Module Name": "FRAMA PSD-I", "Module Type": "Hardware", "Validation Date": "07/17/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp981.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/981", "detail_available": true, "module_name": "FRAMA PSD-I", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The cryptographic module (called Postal Security Device, PSD) supports booking processes within postal meters as well as value loading processes in order to increase the postage credits. The postage credits are kept as CSPs within the PSD. In detail the use of cryptographic services, like the production of cryptographic keys, the encoding, decoding or signature and signature verification is part of PSD internal purposes to the booking processes mentioned above. The PSD uses the following algorithms in the approved mode of operation: Triple-DES; RSA; SHA-1; RNG acc. to FIPS 186-2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980", "Certificate Number": "980", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Code Integrity (ci.dll)", "Module Type": "Software", "Validation Date": "07/21/200807/29/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp980.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980", "detail_available": true, "module_name": "Windows Vista Code Integrity (ci.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #979 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979", "Certificate Number": "979", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Winload OS Loader (winload.exe)", "Module Type": "Software", "Validation Date": "07/21/200807/29/200910/17/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp979.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979", "detail_available": true, "module_name": "Windows Vista Winload OS Loader (winload.exe)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #978 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978", "Certificate Number": "978", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Boot Manager (bootmgr)", "Module Type": "Software", "Validation Date": "07/21/200807/24/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp978.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978", "detail_available": true, "module_name": "Windows Vista Boot Manager (bootmgr)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/977", "Certificate Number": "977", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 4000, nShield F2 2000, nShield F2 500", "Module Type": "Hardware", "Validation Date": "07/31/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp977.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/977", "detail_available": true, "module_name": "nShield F2 4000, nShield F2 2000, nShield F2 500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 4000, nShield F2 2000, and nShield F2 500 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/976", "Certificate Number": "976", "Vendor Name": "SafeNet, Inc.", "Module Name": "DataSecure Appliance i430, i426, and i116", "Module Type": "Hardware", "Validation Date": "06/30/200811/06/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp976.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/976", "detail_available": true, "module_name": "DataSecure Appliance i430, i426, and i116", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Ingrian Networks DataSecure Appliance is a dedicated hardware product designed specifically for security and cryptographic processing, allowing organizations to protect structured and unstructured data, from within the data center out to remote locations, and ensure compliance with legislative and policy mandates for security. With its capabilities for granular encryption, seamless integration, and centralized key and policy management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/975", "Certificate Number": "975", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3201 Wireless Mobile Interface Card with thermal plates", "Module Type": "Hardware", "Validation Date": "06/30/200805/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp975.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/975", "detail_available": true, "module_name": "Cisco 3201 Wireless Mobile Interface Card with thermal plates", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The C3201WMIC-TPAK9 provides wireless connectivity for the Cisco 3200 Series Mobile Access Router. The module can be configured as 802.11g Wireless Access Point, 802.11g Wireless Root Bridge or 802.11g Wireless Work Group Bridge and supports the 802.11b/g wi-fi standards for communications, and 802.11i for security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/974", "Certificate Number": "974", "Vendor Name": "Giesecke & Devrient", "Module Name": "Sm@rtCafé Expert 3.2", "Module Type": "Hardware", "Validation Date": "06/30/200801/11/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp974.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/974", "detail_available": true, "module_name": "Sm@rtCafé Expert 3.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting both contact and contactless interfaces. It also supports, at a minimum, RSA up to 2048 bits(RSA and RSA-CRT) with on-card key generation, Hash algorithms(including SHA256), SEED(128 bit), AES(up to 256 bits), DSA(up to 1024 bits), OAEP Padding and Triple-DES. The Sm@rtCafé Expert 3.2 is suitable for government and corporate identification, payment and banking, health care, and Web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/973", "Certificate Number": "973", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 500 and nShield F2 10 PCI", "Module Type": "Hardware", "Validation Date": "06/30/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp973.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/973", "detail_available": true, "module_name": "nShield F2 500 and nShield F2 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F2 500 & nShield F2 10 PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/972", "Certificate Number": "972", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock", "Module Type": "Hardware", "Validation Date": "06/30/200805/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp972.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/972", "detail_available": true, "module_name": "MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher MiniHSM is a fully featured HSM supplied in a single chip package. The MiniHSM offers all the security and key management features of other nCipher modules - but with reduced processing speed. The MiniHSM is an OEM part and will be included within other appliances or products, for example switches or routers. The MiniHSM's real time clock, also makes it suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/971", "Certificate Number": "971", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "Module Type": "Hardware", "Validation Date": "06/30/200805/28/201007/02/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp971.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/971", "detail_available": true, "module_name": "MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher MiniHSM is a fully featured HSM supplied in a single chip package. The MiniHSM offers all the security and key management features of other nCipher modules - but with reduced processing speed. The MiniHSM is an OEM part and will be included within other appliances or products, for example switches or routers. The MiniHSM's real time clock, also makes it suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/970", "Certificate Number": "970", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "Module Type": "Hardware", "Validation Date": "06/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp970.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/970", "detail_available": true, "module_name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nShield F3 500, F3 500 for NetHSM, & nShield 10 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/969", "Certificate Number": "969", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco MDS 9506, 9509, 9216i and 9513 Multi-Layer SAN Switches", "Module Type": "Hardware", "Validation Date": "06/24/200810/16/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp969.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/969", "detail_available": true, "module_name": "Cisco MDS 9506, 9509, 9216i and 9513 Multi-Layer SAN Switches", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco MDS 9506, 9509, 9513, and 9216i deliver intelligent network services such as virtual storage-area networks (VSANs), comprehensive security, advanced traffic management, sophisticated diagnostics, and unified SAN management. In addition, these modules provide multiprotocol and multitransport integration and an open platform for embedding intelligent storage services such as network-based virtualization; as well as a multilayer approach to network and storage intelligence." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/968", "Certificate Number": "968", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500 and nShield F3 500 for netHSM", "Module Type": "Hardware", "Validation Date": "06/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp968.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/968", "detail_available": true, "module_name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500 and nShield F3 500 for netHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for netHSM, nShield 500 and nShield 500 for netHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/967", "Certificate Number": "967", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nToken", "Module Type": "Hardware", "Validation Date": "06/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp967.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/967", "detail_available": true, "module_name": "nToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/966", "Certificate Number": "966", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "Module Type": "Hardware", "Validation Date": "06/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp966.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/966", "detail_available": true, "module_name": "nShield F3 500, nShield F3 500 for NetHSM and nShield F3 10 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield F3 500, Shield F3 500 for NetHSM, and nShield 10 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/965", "Certificate Number": "965", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500 and nShield F3 500 for netHSM", "Module Type": "Hardware", "Validation Date": "06/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp965.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/965", "detail_available": true, "module_name": "nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500 and nShield F3 500 for netHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for netHSM, nShield 500, and nShield 500 for netHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/964", "Certificate Number": "964", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Motorola Gold Elite Gateway Secure Card Crypto Engine (MGEG SCCE)", "Module Type": "Hardware", "Validation Date": "06/24/200812/08/201001/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp964.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/964", "detail_available": true, "module_name": "Motorola Gold Elite Gateway Secure Card Crypto Engine (MGEG SCCE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MGEG Secure Card is a cPCI device which performs encryption and decryption for all voice traffic through the Motorola Gold Elite Gateway (MGEG)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/963", "Certificate Number": "963", "Vendor Name": "Gemalto and ActivIdentity Inc.", "Module Name": "SafesITe TOP FIPS DM GX4 with ActivIdentity Digital Identity Applet Suite v2 for PIV", "Module Type": "Hardware", "Validation Date": "06/24/200807/09/200811/18/200805/11/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp963.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/963", "detail_available": true, "module_name": "SafesITe TOP FIPS DM GX4 with ActivIdentity Digital Identity Applet Suite v2 for PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Gemalto Dual Interface (ISO7816 & ISO14443) Open OS Smart Card with a large (72K EEPROM) memory, with a cryptographic applet suite V 2.6.2 developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite provides services for authentication, access control, generic container and PKI. The module conforms to SP800-73-1 Transitional & End-Point Card Edge (for HSPD-12/PIV). The product allows issuance and post-issuance support for PIV End Point Card Edge and Data Model." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/962", "Certificate Number": "962", "Vendor Name": "ActivIdentity, Inc.", "Module Name": "ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "Module Type": "Hardware", "Validation Date": "06/12/200806/23/200802/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp962.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/962", "detail_available": true, "module_name": "ActivIdentity Digital Identity Applet Suite V2 for Extended PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This version of the product can be used over contact and contactless interface (with some restrictions) and can be configured for use with ActivIdentity applet suite v2.6.2 for the support of GSC-IS v2.1, NIST SP800-73-1 Transitional and End-Point Card Edge (for HSPD-12/PIV). The product allows issuance and post-issuance support for PIV End Point Card Edge and Data Model. The validated product is similar to Applet v2.6.2a (FIPS 140-2 Cert. #880), but added the One Time Password applet." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/961", "Certificate Number": "961", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5050 and FortiGate-5140", "Module Type": "Hardware", "Validation Date": "06/05/200806/13/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp961.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/961", "detail_available": true, "module_name": "FortiGate-5050 and FortiGate-5140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/960", "Certificate Number": "960", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X3 PSD Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/05/200805/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp960.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/960", "detail_available": true, "module_name": "Cygnus X3 PSD Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When configured with the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The Cygnus X3 PSD Cryptographic Module employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/959", "Certificate Number": "959", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterpriseTM Encryptor, Model 650", "Module Type": "Hardware", "Validation Date": "06/05/200808/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp959.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/959", "detail_available": true, "module_name": "SafeEnterpriseTM Encryptor, Model 650", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterpriseTM SONET Encryptor provides data privacy and access control for connections between vulnerable public and private SONET/SDH networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in a SONET OC-192 network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/958", "Certificate Number": "958", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "Module Type": "Hardware", "Validation Date": "06/05/200811/17/200808/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp958.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/958", "detail_available": true, "module_name": "Cisco Catalyst 3750G Integrated Wireless LAN Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3750G Wireless LAN Controller provides centralized control and scalability for medium to large-scale wireless LAN networks and supports IEEE 802.11i wireless security and is Wi-Fi certified for WPA2. Cisco WLAN Controllers support voice, video, data services, intrusion protection (including Management Frame Protection (MFP), intelligent radio resource management and comply with the wireless security policies issued by the U.S. Federal Government and the U.S. Department of Defense (DoD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/957", "Certificate Number": "957", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "Module Type": "Hardware", "Validation Date": "06/05/200811/17/200803/06/200908/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp957.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/957", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM) provide unparalleled security, mobility, redundancy, centralized control and scalability for large-scale Government and Enterprise wireless LAN networks and supports the IEEE 802.11i wireless security standard in conjunction with meeting the Wi-Fi Alliances interoperability specification WPA2 to enable a Secure Wireless Architecture. The module supports voice, video and data services, location & asset tracking, integrated intrusion detection & intrusion protection and intelligent radio.", "algorithms": [ "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/956", "Certificate Number": "956", "Vendor Name": "AEP Networks", "Module Name": "AEP Advanced Configurable Cryptographic Environment (ACCE)", "Module Type": "Hardware", "Validation Date": "06/05/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp956.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/956", "detail_available": true, "module_name": "AEP Advanced Configurable Cryptographic Environment (ACCE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "AEP Advanced Configurable Cryptographic Environment (ACCE) crypto module offers the next generation security platform for managing cryptographic keys and protecting sensitive applications. The ACCE crypto module is a hardware security module (HSM) designed for managing mission critical applications that demand maximum security. It is ideally suited for companies that need secure key management for certification authorities, registration authorities, OCSP responders, smart card issuers, web servers and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/955", "Certificate Number": "955", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4402 and 4404 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "06/05/200811/17/200808/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp955.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/955", "detail_available": true, "module_name": "Cisco 4402 and 4404 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 4400 Series Wireless LAN Controllers provide centralized control and scalability for medium to large-scale Government and Enterprise wireless LAN networks and support the IEEE 802.11i wireless security standard while meeting the Wi-Fi Alliances interoperability specification WPA2 for Secure Wireless Architecture. The Cisco WLAN Controllers support voice, video and data services, intrusion detection, intrusion protection and intelligent radio resource management and comply with the wireless security policies issued by the U.S. Federal Government and the Department of Defense (DoD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/954", "Certificate Number": "954", "Vendor Name": "Trapeze Networks", "Module Name": "MX-200R-GS/MX-216R-GS Mobility Exchange WLAN Controllers", "Module Type": "Hardware", "Validation Date": "06/05/200811/13/200808/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp954.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/954", "detail_available": true, "module_name": "MX-200R-GS/MX-216R-GS Mobility Exchange WLAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Trapeze Networks delivers Smart Mobile WLAN network solutions, enabling govt. agencies and enterprises to deploy and manage scalable, secure, mobile applications. It supports the IEEE 802.11i security specification and wireless IDS, application-aware switching, location tracking, voice and seamless indoor/outdoor mobility. The Smart Mobile family of wireless products includes high-performance Mobility Exchange® WLAN controllers and Mobility Point® access points for secure indoor and outdoor wireless networks, Mobility System Software« and RingMaster® lifecycle WLAN management software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/953", "Certificate Number": "953", "Vendor Name": "Semtek Innovative Solutions Corporation", "Module Name": "Cipher Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/05/200806/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp953.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/953", "detail_available": true, "module_name": "Cipher Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cipher Cryptographic Module is a hardware module that provides physical protection for cryptographic keys and sensitive application code. The module can be used by point-of-sale manufacturers as a secure, drop-in solution to provide cardholder data encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/952", "Certificate Number": "952", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "MCC7500 Secure Card Crypto Engine Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/05/200806/05/200912/06/201001/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp952.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/952", "detail_available": true, "module_name": "MCC7500 Secure Card Crypto Engine Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MCC7500 Secure Card Crypto Engine is a multiprocessor, cryptographic PCI card that provides encryption services for up to 60 audio streams for the Secure Operator Position (B1908) and Secure Archiving Interface Server (B1918). Each Secure Operator Position will contain one Secure Card providing encryption services for 60 simultaneous audio streams. Each Secure AIS will contain 1 or 2 Secure Cards providing encryption services for 60 or 120 audio streams, respectively. The Spare Crypto Card (B1924) may be used to upgrade an Operator Position or AIS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/951", "Certificate Number": "951", "Vendor Name": "TANDBERG Telecom AS", "Module Name": "TANDBERG MXP Codec", "Module Type": "Firmware", "Validation Date": "05/22/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp951.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/951", "detail_available": true, "module_name": "TANDBERG MXP Codec", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The TANDBERG MXP Codec is the firmware installed on nineteen various TANDBERG codec servers supporting a full line of videoconferencing systems designed for medium-to-large groups, as well as individual desktops. The firmware provides secure video conferencing through encryption and authentication for point-to-point calls and multipoint calls with the speed of up to 768 kbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/950", "Certificate Number": "950", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiClient Crypto Module", "Module Type": "Software", "Validation Date": "05/22/200806/13/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp950.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/950", "detail_available": true, "module_name": "FortiClient Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "The FortiClient Crypto Module provides cryptographic services for Fortinet's FortiClient Host Security product (hereafter referred to as FortiClient). The primary purpose of the module is providing cryptographic support for FortiClient's IPSec feature. The module also provides cryptographic support for protecting FortiClient's critical security parameters, passwords and configuration information. The module is distributed as part of the FortiClient software package." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/949", "Certificate Number": "949", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiClient Crypto Module", "Module Type": "Software", "Validation Date": "05/22/200806/13/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp949.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/949", "detail_available": true, "module_name": "FortiClient Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "The FortiClient Crypto Module provides cryptographic services for Fortinet's FortiClient Host Security product (hereafter referred to as FortiClient). The primary purpose of the module is providing cryptographic support for FortiClient's IPSec feature. The module also provides cryptographic support for protecting FortiClient's critical security parameters, passwords and configuration information. The module is distributed as part of the FortiClient software package." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/948", "Certificate Number": "948", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Secure ACS FIPS Module", "Module Type": "Software", "Validation Date": "05/22/200808/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp948.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/948", "detail_available": true, "module_name": "Cisco Secure ACS FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cisco Secure ACS FIPS Module is a software library that supports WPA2 security and is contained within a defined cryptographic boundary. It provides FIPS 140-2 validated support for EAP-TLS, EAP-FAST, PEAP and AES key wrap for 802.11i PMK transfer." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947", "Certificate Number": "947", "Vendor Name": "Microsoft Corporation", "Module Name": "BitLocker™ Drive Encryption", "Module Type": "Software", "Validation Date": "05/22/200808/22/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp947.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947", "detail_available": true, "module_name": "BitLocker™ Drive Encryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Kernel Mode Security Support Provider Interface and Microsoft Windows Cryptographic Primitives Library (Bcrypt.dll) validated to FIPS 140-2 under Cert. #891 and Cert. #892 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Windows BitLocker Drive Encryption is a data protection feature available in Windows Vista Enterprise and Windows Vista Ultimate for client computers. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/946", "Certificate Number": "946", "Vendor Name": "Authernative, Inc.", "Module Name": "Authernative® Cryptographic Module", "Module Type": "Software", "Validation Date": "05/16/200806/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp946.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/946", "detail_available": true, "module_name": "Authernative® Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Authernative Cryptographic Module is a software cryptographic module that is implemented as a software library. This software library provides cryptographic services for all Authernative products. The module provides FIPS-Approved cryptographic services for encryption, decryption, key generation, secure hashing, and random number generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/945", "Certificate Number": "945", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-50B", "Module Type": "Hardware", "Validation Date": "05/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp945.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/945", "detail_available": true, "module_name": "FortiGate-50B", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/944", "Certificate Number": "944", "Vendor Name": "Oberthur Card Systems", "Module Name": "Oberthur ID-One Cosmo 128 v5.5 D", "Module Type": "Hardware", "Validation Date": "05/16/200805/20/200806/23/200808/02/201012/07/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp944.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/944", "detail_available": true, "module_name": "Oberthur ID-One Cosmo 128 v5.5 D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This new generation Oberthur Smart Card programmable module offers a highly secure architecture with state of the art on board cryptographic services that includes NSA SUITE-B cryptography for Top Secret classified information (symmetric encryption, message digest, and digital signature). Additional features include Logical Channels and Delegated Management. The module supports Java Card 2.2.2 and Global Platform 2.1.1.A and offers a full 128KB of EEPROM for customer data and keys. It is available with two communication interfaces (ISO 7816 for contact and ISO 14443 for contactless)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/943", "Certificate Number": "943", "Vendor Name": "SafeNet, Inc.", "Module Name": "iKey 4000 USB Token", "Module Type": "Hardware", "Validation Date": "05/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp943.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/943", "detail_available": true, "module_name": "iKey 4000 USB Token", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iKey 4000 is a powerful and portable two-factor authentication USB device suited for applications demanding high security. The iKey 4000 offers wide range of authentication services together with the highest levels of security. It offers powerful implementations for public and secret key encryption supporting RSA, Diffie-Hellman, SHA-1, Triple-DES, and AES." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/942", "Certificate Number": "942", "Vendor Name": "Guidance Software, Inc.", "Module Name": "EnCase Enterprise Cryptographic Module", "Module Type": "Software", "Validation Date": "05/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp942.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/942", "detail_available": true, "module_name": "EnCase Enterprise Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Enhanced Cryptographic Provider validated to FIPS 140-1 under Cert. #238 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "EnCase Enterprise has changed the landscape of enterprise and computer investigations by providing complete network visibility, immediate response and comprehensive, forensic-level analysis of servers and workstations anywhere on a network. EnCase« Enterprise is a scalable platform that integrates seamlessly with your existing systems to create an enterprise investigative infrastructure. This cutting-edge solution can be tailored to meet your unique needs, including the automation of time-consuming investigative processes, incident response and eDiscovery." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/941", "Certificate Number": "941", "Vendor Name": "Ericsson, Inc.", "Module Name": "AUC-10 GARP Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp941.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/941", "detail_available": true, "module_name": "AUC-10 GARP Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The AUC-10 GARP Cryptographic Module (CM) is a multi-chip embedded module composed of the AGEN2R WCDMA Authentication Vectors Generation application executing on an Ericsson proprietary Generic Application Regional Processor (GARP) board. The 3rd Generation Partner Project (3GPP) organization defines standards followed by the telephony industry for 3G networks (GSM and WCDMA). The Authentication Center (AUC) is the specific entity that provides authentication and ciphering data to the WCDMA system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/940", "Certificate Number": "940", "Vendor Name": "IBM® Corporation", "Module Name": "IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05", "Module Type": "Hardware", "Validation Date": "05/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp940.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/940", "detail_available": true, "module_name": "IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The TS1120 / 3592 E05 Tape Drive provides full line speed, fully validated, hardware implemented, AES 256 bit encryption and compression of customer data recorded to tape. It ensures data confidentiality in the event of a lost tape while also supporting additional cryptographic functions for authentication and secure transfer of key material." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/939", "Certificate Number": "939", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "04/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp939.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/939", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/938", "Certificate Number": "938", "Vendor Name": "Imation Corp.", "Module Name": "Imation Secure Flash Drive Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/17/200802/24/200910/26/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp938.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/938", "detail_available": true, "module_name": "Imation Secure Flash Drive Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "Files distributed with the module mounted within the CD Drive are excluded from the validation.", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The IronKey Secure Flash Drive has been designed to be the world's most secure flash drive. The onboard AES, RSA, SHA, and RNG engines deliver the gold standard in data and identity protection for consumers, enterprises, and government users alike. For more information, visit https://www.ironkey.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/937", "Certificate Number": "937", "Vendor Name": "Imation Corp.", "Module Name": "MXI Cryptographic NAND Controller (CNC)", "Module Type": "Hardware", "Validation Date": "04/17/200806/23/200806/01/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp937.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/937", "detail_available": true, "module_name": "MXI Cryptographic NAND Controller (CNC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MXI Cryptographic NAND Controller (CNC) provides FIPS 140-2 Approved security functionality to DiskOnKey USB flash drives. The CNC employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/936", "Certificate Number": "936", "Vendor Name": "Verbatim Americas LLC", "Module Name": "Store 'n' Go Corporate Secure FIPS", "Module Type": "Hardware", "Validation Date": "04/17/200806/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp936.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/936", "detail_available": true, "module_name": "Store 'n' Go Corporate Secure FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Store 'n' Go Corporate Secure FIPS provides FIPS 140-2 Approved security functionality to DiskOnKey flash drives. The Store 'n' Go Corporate Secure FIPS employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on DiskOnKey FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/935", "Certificate Number": "935", "Vendor Name": "Tait Communications", "Module Name": "TEL_crypto_module", "Module Type": "Firmware", "Validation Date": "04/17/200804/26/201305/22/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp935.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/935", "detail_available": true, "module_name": "TEL_crypto_module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Single-chip", "description": "Firmware implementation of the Tait FIPS 140-2 Crypto module used in the Tait Electronics Ltd digital product range." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/934", "Certificate Number": "934", "Vendor Name": "Neopost Technologies", "Module Name": "PSD Model 105, 106, 115, 116, 125, 126, 127, 128, 101, 102, 111, 112, 121, 122, 130, 132, 137, 138", "Module Type": "Hardware", "Validation Date": "04/17/200809/12/200801/26/200906/18/200904/09/201007/02/201003/15/201107/05/201102/23/201204/12/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp934.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/934", "detail_available": true, "module_name": "PSD Model 105, 106, 115, 116, 125, 126, 127, 128, 101, 102, 111, 112, 121, 122, 130, 132, 137, 138", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Neopost PSD (Postal Secure Device) for Middle to High Range Franking Machines." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/933", "Certificate Number": "933", "Vendor Name": "Trapeze Networks", "Module Name": "MP-422F Mobility Point", "Module Type": "Hardware", "Validation Date": "04/08/200811/06/200808/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp933.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/933", "detail_available": true, "module_name": "MP-422F Mobility Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Trapeze Networks delivers Smart Mobile WLAN network solutions, enabling govt. agencies and enterprises to deploy and manage scalable, secure, mobile applications. It supports the IEEE 802.11i security specification and wireless IDS, application-aware switching, location tracking, voice and seamless indoor/outdoor mobility. The Smart Mobile family of wireless products includes high-performance Mobility Exchange® LAN controllers and Mobility Point® access points for secure indoor and outdoor wireless networks, Mobility System Software® and RingMaster® lifecycle WLAN management software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/932", "Certificate Number": "932", "Vendor Name": "SanDisk Corporation", "Module Name": "S2 FIPS DiskOnKey Controller", "Module Type": "Hardware", "Validation Date": "04/08/200805/08/200806/23/200810/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp932.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/932", "detail_available": true, "module_name": "S2 FIPS DiskOnKey Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SanDisk S2 FIPS DiskOnKey Controller provides FIPS 140-2 Approved security functionality to SanDisk DiskOnKey USB flash drives. The S2 FIPS DiskOnKey Controller employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on DiskOnKey FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/931", "Certificate Number": "931", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "Cryptographic Module for SecureOS® v9.7.1", "Module Type": "Software", "Validation Date": "03/31/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp931.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/931", "detail_available": true, "module_name": "Cryptographic Module for SecureOS® v9.7.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Module for SecureOS® is software providing cryptographic services for applications on versions of Sidewinder® and Sidewinder G2® Security Appliance™. Sidewinder is a line of comprehensive network gateway security appliances consolidating a variety of Internet security functions including TrustedSource™, IPS, firewall, VPN, anti-virus, anti-spam, SSL decryption, and more. Sidewinder G2® is Common Criteria EAL4+ certified as compliant with the US DoD Application-level Firewall Protection Profile for Medium Robustness." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/930", "Certificate Number": "930", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Subsystem (ACS)", "Module Type": "Hardware", "Validation Date": "04/14/200809/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp930.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/930", "detail_available": true, "module_name": "Atalla Cryptographic Subsystem (ACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ACS is a multi-chip embedded cryptographic module. It consists of a secure hardware platform (a full length PCI Card) and a secure firmware loader. The purpose of the module is to load application programs, called \"personalities,\" in a secure manner." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/929", "Certificate Number": "929", "Vendor Name": "Kingston Technology, Inc.", "Module Name": "Kingston S2 CM", "Module Type": "Hardware", "Validation Date": "03/18/200804/04/200806/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp929.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/929", "detail_available": true, "module_name": "Kingston S2 CM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Kingston S2 CM is the core component of this performance secure USB Flash Drive. All data stored in the userÆs private partition is encrypted in hardware without reducing performance. The Kingston S2 CM provides encryption, user authentication and access control independent of the host software and hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/928", "Certificate Number": "928", "Vendor Name": "Comtech Mobile Datacom Corporation", "Module Name": "MTM-203 Satellite Mobile Transceiver", "Module Type": "Hardware", "Validation Date": "03/18/200804/29/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp928.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/928", "detail_available": true, "module_name": "MTM-203 Satellite Mobile Transceiver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CMDC's MTM-203 is a small, low power L-Band satellite transceiver for power, weight and space-restrictive applications. The MTM-203 is designed for easy integration into systems that benefit from secure, near real-time, over-the-horizon communications. The MTM-203 is based on battlefield proven technology that enables many new applications, such as handheld and covert devices. The module provides messaging connectivity worldwide with other mobile and terrestrial connected users of CMDC's proprietary network. CMDC's products operate on a variety of satellite providers without reconfiguration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/927", "Certificate Number": "927", "Vendor Name": "Mocana Corporation", "Module Name": "Mocana Cryptographic Module", "Module Type": "Software", "Validation Date": "03/14/200805/08/200806/05/200911/20/200912/08/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp927.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/927", "detail_available": true, "module_name": "Mocana Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Mocana Cryptographic Module is used in conjunction with Mocana's scalable, high performance embedded security solutions. These include: Mocana EAP supplicant/authenticator, Mocana SSL/TLS Client & Server, Mocana SSH Client & Server and Mocana IPsec/IKE." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/926", "Certificate Number": "926", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "03/11/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp926.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/926", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/925", "Certificate Number": "925", "Vendor Name": "Athena Smartcard Inc.", "Module Name": "Athena IDProtect", "Module Type": "Hardware", "Validation Date": "03/14/200804/12/201305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp925.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/925", "detail_available": true, "module_name": "Athena IDProtect", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Athena Smartcard Solutions is a global smart card company offering a wide range of smart card products and solutions for Government, Enterprise and Financial institutions. Athena's products include advanced smart card operating systems, cross-platform cryptographic middleware and innovative biometric and card management solutions as well as advanced smart card readers. Athena offers FIPS and VISA certified Java Card solutions for ID and Finance on various smart card silicon and in a variety of form-factors." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/924", "Certificate Number": "924", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Firmware", "Validation Date": "03/14/200803/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp924.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/924", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/923", "Certificate Number": "923", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress® Wireless Security Gateways", "Module Type": "Hardware", "Validation Date": "02/29/200803/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp923.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/923", "detail_available": true, "module_name": "AirFortress® Wireless Security Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress® Wireless Security Gateways are electronic encryption modules that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AirFortress« Wireless Security Gateways provide encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/922", "Certificate Number": "922", "Vendor Name": "Software House", "Module Name": "iSTAR eX Controller", "Module Type": "Hardware", "Validation Date": "02/29/200803/07/200802/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp922.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/922", "detail_available": true, "module_name": "iSTAR eX Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iSTAR eX controller is a security door controller which is connected to at least one card reader and a door. The iSTAR eX controller works from a database stored internally in memory for determining access privilege of an individual. When a card is swiped by a reader the data goes to the iSTAR eX controller. The controller then sends a notify message to the access database to determine if access is allowed. If access is granted then the iSTAR eX controller sends an open command back to the door and access is granted. If access is not granted the door remains closed and locked." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/921", "Certificate Number": "921", "Vendor Name": "Sterling Commerce, Inc.", "Module Name": "Sterling Crypto-C", "Module Type": "Software", "Validation Date": "02/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp921.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/921", "detail_available": true, "module_name": "Sterling Crypto-C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Sterling Crypto-C is a software module implemented as two dynamic libraries. Sterling Crypto-C provides security capabilities, such as encryption, authentication, and signature generation and verification for Sterling Commerce's managed file transfer solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/920", "Certificate Number": "920", "Vendor Name": "Security First Corp.", "Module Name": "SecureParser", "Module Type": "Software", "Validation Date": "02/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp920.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/920", "detail_available": true, "module_name": "SecureParser", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureParser is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/919", "Certificate Number": "919", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "Hughes Crypto Kernel", "Module Type": "Firmware", "Validation Date": "02/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp919.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/919", "detail_available": true, "module_name": "Hughes Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 128 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/918", "Certificate Number": "918", "Vendor Name": "Open Source Software Institute", "Module Name": "OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "02/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp918.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/918", "detail_available": true, "module_name": "OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files, including the specified OpenSSL distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation, protection, and initialization shall be completed as specified in Appendix C of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from http://www.openssl.org/source/", "algorithms": [ "AES", "DES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/917", "Certificate Number": "917", "Vendor Name": "CardLogix Corporation", "Module Name": "CardLogix Credentsys-J", "Module Type": "Hardware", "Validation Date": "02/13/200804/29/200802/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp917.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/917", "detail_available": true, "module_name": "CardLogix Credentsys-J", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "CREDENTSYS-J is a secure smart card that is designed for National ID systems and multi-use enterprise security environments. The CREDENTSYS-J card is based on Java Card TM 2.2.1 and Global Platform 2.1.1 architectures and is readily deployable into existing or new PKI environments. CREDENTSYS-J cards offer a combination of high performance and cost-effectiveness by running on advanced 32-bit RISC processor cores with TDES and PKI cryptographic accelerations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/916", "Certificate Number": "916", "Vendor Name": "SafeNet, Inc.", "Module Name": "DataSecure Appliance i416, i426 and i116", "Module Type": "Hardware", "Validation Date": "02/29/200811/06/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp916.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/916", "detail_available": true, "module_name": "DataSecure Appliance i416, i426 and i116", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet DataSecure Appliance is a dedicated hardware product designed specifically for security and cryptographic processing, allowing organizations to protect structured and unstructured data, from within the data center out to remote locations, and ensure compliance with legislative and policy mandates for security. With its capabilities for granular encryption, seamless integration, and centralized key and policy management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/915", "Certificate Number": "915", "Vendor Name": "Hughes Network Systems, LLC", "Module Name": "Hughes Crypto Kernel", "Module Type": "Software", "Validation Date": "02/13/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp915.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/915", "detail_available": true, "module_name": "Hughes Crypto Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 128 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/914", "Certificate Number": "914", "Vendor Name": "Focus Systems Corporation", "Module Name": "C4CS Lite and CSL software cryptographic modules", "Module Type": "Software", "Validation Date": "02/07/200808/29/200808/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp914.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/914", "detail_available": true, "module_name": "C4CS Lite and CSL software cryptographic modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "C4CS Lite and CSL are software cryptographic modules that provide symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/913", "Certificate Number": "913", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet LWAPP AP1131AG and AP1242AG Wireless LAN Access Points", "Module Type": "Hardware", "Validation Date": "02/07/200803/07/200811/06/200808/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp913.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/913", "detail_available": true, "module_name": "Cisco Aironet LWAPP AP1131AG and AP1242AG Wireless LAN Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco LWAPP Aironet 1131 & 1242 access points deliver the versatility, high capacity, security, and enterprise-class features required for small, medium and large Government deployments. In FIPS 140-2 mode of operation, the Cisco APs support the LWAPP, MFP, IEEE 802.11i & IEEE 802.1x standards & AES for WPA2 encryption. WPA2 is the Wi-Fi Alliance certification for interoperable, standards-based WLAN security. The Cisco APs are also Wi-FI CERTIFIED for IEEE 802.11a, IEEE 802.11b and IEEE 802.11g radio standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/912", "Certificate Number": "912", "Vendor Name": "Sterling Commerce, Inc.", "Module Name": "Sterling FIPS Crypto-J Module", "Module Type": "Software", "Validation Date": "03/12/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp912.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/912", "detail_available": true, "module_name": "Sterling FIPS Crypto-J Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Sterling FIPS Crypto-J Module is a cryptographic toolkit for Java language users, providing services of various cryptographic algorithms such as hash algorithms, encryption schemes, message authentication, and public key cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/910", "Certificate Number": "910", "Vendor Name": "IBM® Corporation", "Module Name": "IBM CryptoLite for Java", "Module Type": "Software", "Validation Date": "02/07/200803/07/200806/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp910.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/910", "detail_available": true, "module_name": "IBM CryptoLite for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM CryptoLite for Java (CLiJ) v4 is a Java Cryptographic Extension (JCE) compliant cross-platform software library which provides APIs for the cryptographic functions specified in NSA Suite B. CLiJ includes specific high performance implementations of a number of cryptographic algorithms and services. CliJ has highly optimized elliptic curve operations and very efficient implementation of finite field arithmetic.CLiJ can be used on any JVM running Java version 1.5 or higher. CLiJ is compliant with ANSI X9.62, ANSI X9.63 and IEEE 1363." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/909", "Certificate Number": "909", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes Cryptographic Coprocessor for Virtual Meter (CCV)", "Module Type": "Hardware", "Validation Date": "02/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp909.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/909", "detail_available": true, "module_name": "Pitney Bowes Cryptographic Coprocessor for Virtual Meter (CCV)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated with module IBM eServer Cryptographic Coprocessor Security Module validated to FIPS 140-2 under Cert. #661 and operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Pitney Bowes Cryptographic Coprocessor for Virtual Meter (CCV) module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/908", "Certificate Number": "908", "Vendor Name": "GlobalSCAPE, Inc.", "Module Name": "GlobalSCAPE® Cryptographic Module", "Module Type": "Software", "Validation Date": "02/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp908.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/908", "detail_available": true, "module_name": "GlobalSCAPE® Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The GlobalSCAPE® Cryptographic Module (GSCM) provides cryptographic services for the GlobalSCAPE family of software products such as Secure FTP Server and EFT Server. The services include symmetric/asymmetric encryption/decryption, digital signatures, message digest, message authentication, random number generation, and SSL/TLS support. The GSCM is intended for use by applications through the moduleÆs Application Programming Interface (API), which is based on the OpenSSL API defined by the OpenSSL Project.", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/907", "Certificate Number": "907", "Vendor Name": "Focus Systems Corporation", "Module Name": "C4CS Lite and CSL software cryptographic modules", "Module Type": "Software", "Validation Date": "02/07/200808/29/200808/25/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp907.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/907", "detail_available": true, "module_name": "C4CS Lite and CSL software cryptographic modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "C4CS Lite and CSL are software cryptographic modules that provide symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/906", "Certificate Number": "906", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ASA 5505 and ASA 5550", "Module Type": "Hardware", "Validation Date": "01/25/200803/06/200905/18/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp906.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/906", "detail_available": true, "module_name": "ASA 5505 and ASA 5550", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/905", "Certificate Number": "905", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200A/200A-HD, FortiGate-300A/300A-HD, FortiGate-500A/500A-HD and FortiGate-800", "Module Type": "Hardware", "Validation Date": "01/25/200802/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp905.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/905", "detail_available": true, "module_name": "FortiGate-200A/200A-HD, FortiGate-300A/300A-HD, FortiGate-500A/500A-HD and FortiGate-800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/904", "Certificate Number": "904", "Vendor Name": "Foundry Networks", "Module Name": "Foundry Networks FIPS 140-2 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp904.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/904", "detail_available": true, "module_name": "Foundry Networks FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Foundry Networks FIPS 140-2 Cryptographic Modules resides on PCI card and provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/903", "Certificate Number": "903", "Vendor Name": "Foundry Networks", "Module Name": "Foundry Networks FIPS 140-2 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp903.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/903", "detail_available": true, "module_name": "Foundry Networks FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Foundry Networks FIPS 140-2 Cryptographic Module resides on a PCI card and provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/902", "Certificate Number": "902", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5GT", "Module Type": "Hardware", "Validation Date": "01/23/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp902.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/902", "detail_available": true, "module_name": "Juniper Networks NetScreen-5GT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-5GT appliance is a feature-rich, enterprise-class, network security solution that integrates a complete set of best-in-class UTM security features including IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering which allow the NetScreen-5GT to defend the network against worms, Spyware, Trojans, malware and other emerging attacks. The NetScreen-5GT Ethernet solution is ideal for environments that need hardwired connectivity backed by robust network, application and payload level security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/901", "Certificate Number": "901", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-500", "Module Type": "Hardware", "Validation Date": "01/16/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp901.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/901", "detail_available": true, "module_name": "Juniper Networks NetScreen-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-500 is a purpose-built, security system designed to provide a flexible, high performance solution for medium and large enterprise central sites and service providers. The NetScreen-500 security system integrates firewall, DoS, VPN and traffic management functionality in a low-profile, modular chassis. It provides high levels of total throughput for firewall and VPN plus support for virtual systems and security zones." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/900", "Certificate Number": "900", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SSG 5 and SSG 20", "Module Type": "Hardware", "Validation Date": "01/16/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp900.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/900", "detail_available": true, "module_name": "Juniper Networks SSG 5 and SSG 20", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks Secure Services Gateway 5 (SSG 5) and Secure Services Gateway 20 (SSG 20) are purpose-built security appliances that deliver a perfect blend of performance, security and LAN\\WAN connectivity for small branch office and small business deployments. Traffic flowing in and out of the branch office can be protected from worms, Spyware, Trojans, and malware by a complete set of Universal Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/899", "Certificate Number": "899", "Vendor Name": "IBM® Corporation", "Module Name": "IBM CryptoLite for C", "Module Type": "Software", "Validation Date": "01/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp899.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/899", "detail_available": true, "module_name": "IBM CryptoLite for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM CryptoLite is a C software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/898", "Certificate Number": "898", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-204 and NetScreen-208", "Module Type": "Hardware", "Validation Date": "01/16/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp898.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/898", "detail_available": true, "module_name": "Juniper Networks NetScreen-204 and NetScreen-208", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-200 Series is one of the most versatile pair of security appliances available today. They easily integrate and secure many different network environments, including medium and large enterprise offices, e-business sites, data centers, and carrier infrastructure. Complete with either four or eight auto-sensing 10/100 Base-T Ethernet ports, the NetScreen-200 Series performs firewall functions at wire speed (375 Mbps on the NetScreen-204 and NetScreen-208)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/897", "Certificate Number": "897", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5200 and NetScreen-5400", "Module Type": "Hardware", "Validation Date": "01/16/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp897.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/897", "detail_available": true, "module_name": "Juniper Networks NetScreen-5200 and NetScreen-5400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5000 series is a line of purpose-built, high-performance firewall/VPN security systems designed to deliver a new level of high-performance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5000 series consists of two products: the 2-slot NetScreen-5200 system and the 4-slot NetScreen-5400 system. NetScreen-5000 security systems integrate firewall, VPN, DoS and DDoS protection, and traffic-management functionality, in a low-profile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/896", "Certificate Number": "896", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks ISG 1000 and ISG 2000", "Module Type": "Hardware", "Validation Date": "01/16/200807/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp896.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/896", "detail_available": true, "module_name": "Juniper Networks ISG 1000 and ISG 2000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen ISG 1000 and ISG 2000 are Internet security devices that integrate firewall, virtual private networking (VPN), and traffic shaping functions. Through the VPN, the NetScreen ISG devices provide the following: IPSec standard security, Triple-DES, and Advanced Encryption Standard (AES) encryption, Manual and automated IKE (ISAKMP), and Use of RSA and DSA certificates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/895", "Certificate Number": "895", "Vendor Name": "Xirrus, Inc.", "Module Name": "Xirrus Wireless LAN Array", "Module Type": "Hardware", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp895.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/895", "detail_available": true, "module_name": "Xirrus Wireless LAN Array", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Xirrus Wireless LAN Array represents the next generation in enterprise wireless LAN architecture - combining the functionality of a WLAN switch and Integrated Access Points (IAPs) in a single device. The WLAN Array delivers Gigabit-class Wi-Fi bandwidth to an extended coverage area simplifying the wireless LAN setup." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894", "Certificate Number": "894", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp894.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894", "detail_available": true, "module_name": "Windows Vista Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893", "Certificate Number": "893", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Vista Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp893.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893", "detail_available": true, "module_name": "Windows Vista Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/892", "Certificate Number": "892", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows Cryptographic Primitives Library (bcrypt.dll)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp892.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/892", "detail_available": true, "module_name": "Microsoft Windows Cryptographic Primitives Library (bcrypt.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista. The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891", "Certificate Number": "891", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Kernel Mode Security Support Provider Interface (ksecdd.sys)", "Module Type": "Software", "Validation Date": "01/10/200810/16/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891", "detail_available": true, "module_name": "Microsoft Kernel Mode Security Support Provider Interface (ksecdd.sys)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/890", "Certificate Number": "890", "Vendor Name": "Microsoft Corporation", "Module Name": "Code Integrity (ci.dll)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp890.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/890", "detail_available": true, "module_name": "Code Integrity (ci.dll)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #889 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/889", "Certificate Number": "889", "Vendor Name": "Microsoft Corporation", "Module Name": "Winload OS Loader (winload.exe)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp889.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/889", "detail_available": true, "module_name": "Winload OS Loader (winload.exe)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #888 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/888", "Certificate Number": "888", "Vendor Name": "Microsoft Corporation", "Module Name": "Boot Manager (bootmgr)", "Module Type": "Software", "Validation Date": "01/10/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp888.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/888", "detail_available": true, "module_name": "Boot Manager (bootmgr)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/887", "Certificate Number": "887", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "CoSign", "Module Type": "Hardware", "Validation Date": "01/07/200803/07/200810/02/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp887.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/887", "detail_available": true, "module_name": "CoSign", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organizationÆs end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/886", "Certificate Number": "886", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Client Bridge", "Module Type": "Hardware", "Validation Date": "01/07/200803/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp886.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/886", "detail_available": true, "module_name": "Fortress Secure Client Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Client Bridge is a hardware module designed to deliver security on wireless and wired devices that cannot run the Fortress Secure Client software. A plug-and-play solution, the Secure Client Bridge encrypts and decrypts communication across the WLAN and LAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/885", "Certificate Number": "885", "Vendor Name": "L-3 Communications Linkabit", "Module Name": "MPM-1000, 70 MHz Layout 1; MPM-1000, 70 MHz Layout 2; and MPM-1000, L-Band", "Module Type": "Hardware", "Validation Date": "01/07/200802/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp885.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/885", "detail_available": true, "module_name": "MPM-1000, 70 MHz Layout 1; MPM-1000, 70 MHz Layout 2; and MPM-1000, L-Band", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The MPM-1000 is a dual-use civilian/military modem used to transport IP data traffic over satellite communication links using a secure Multi-Frequency Time Division Multiple Access (MF-TDMA) protocol. The MPM-1000 also functions as a MIL-STD-165A modem for use in Single Channel Per Carrier (SCPC) Frequency Division Multiple Access (FDMA) satellite communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/884", "Certificate Number": "884", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks SSG 520M and SSG 550M", "Module Type": "Hardware", "Validation Date": "12/14/200707/10/200805/18/200901/20/201112/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp884.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/884", "detail_available": true, "module_name": "Juniper Networks SSG 520M and SSG 550M", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks Secure Services Gateway 500 Series (SSG) represents a new class of purpose-built security appliance that delivers a perfect mix of performance, security and LAN/WAN connectivity for regional and branch office deployments. Traffic flowing in and out of the branch office is protected from worms, Spyware, Trojans, and malware by a complete set of Unified Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/883", "Certificate Number": "883", "Vendor Name": "TriCipher, Inc.", "Module Name": "TriCipher Common Core Cryptographic Module", "Module Type": "Software", "Validation Date": "12/14/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp883.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/883", "detail_available": true, "module_name": "TriCipher Common Core Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CCCM provides all cryptographic functionality used by TriCipher's ID Tool, APIs and other client-side products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/882", "Certificate Number": "882", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module", "Module Type": "Software", "Validation Date": "12/14/200711/06/200803/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp882.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/882", "detail_available": true, "module_name": "Security Builder® FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/881", "Certificate Number": "881", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress® Wireless Security Gateway", "Module Type": "Hardware", "Validation Date": "11/30/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp881.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/881", "detail_available": true, "module_name": "AirFortress® Wireless Security Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress® Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AirFortress® Wireless Security Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/880", "Certificate Number": "880", "Vendor Name": "ActivIdentity, Inc.", "Module Name": "ActivIdentity Digital Identity Applet Suite V2 for PIV", "Module Type": "Hardware", "Validation Date": "11/30/200712/18/200701/25/200804/29/200802/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp880.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/880", "detail_available": true, "module_name": "ActivIdentity Digital Identity Applet Suite V2 for PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This version of the product can be used over contact and contactless interface (with some restrictions) and can be configured to use with ActivIdentity applet suite v2.6.2 for the support of GSC-IS v2.1, NIST SP800-73-1 Transitional and End-Point Card Edge (for HSPD-12/PIV). The product allows issuance and post-issuance support for PIV End Point Card Edge and Data Model." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/879", "Certificate Number": "879", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "PIX 515 and PIX 515E", "Module Type": "Hardware", "Validation Date": "11/30/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp879.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/879", "detail_available": true, "module_name": "PIX 515 and PIX 515E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco PIX and ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. Cisco PIX Security Appliances and ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "ECDH", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/878", "Certificate Number": "878", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Client", "Module Type": "Software", "Validation Date": "11/30/200704/04/200808/11/200911/20/200903/26/201008/20/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp878.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/878", "detail_available": true, "module_name": "Fortress Secure Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/877", "Certificate Number": "877", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206VXR NPE-G1, 7206VXR NPE-G2 and 7301 with VAM2+ and 7206VXR NPE-G2 with VSA", "Module Type": "Hardware", "Validation Date": "11/30/200712/18/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp877.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/877", "detail_available": true, "module_name": "7206VXR NPE-G1, 7206VXR NPE-G2 and 7301 with VAM2+ and 7206VXR NPE-G2 with VSA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/876", "Certificate Number": "876", "Vendor Name": "Motorola, Inc.", "Module Name": "KVL 3000 Plus", "Module Type": "Hardware", "Validation Date": "11/30/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp876.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/876", "detail_available": true, "module_name": "KVL 3000 Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875", "Certificate Number": "875", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "11/30/200712/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp875.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875", "detail_available": true, "module_name": "Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) is a FIPS 140-2 compliant, software-based, cryptographic module. DSSENH encapsulates several different cryptographic algorithms (including SHA-1, 3DES, DSA and Diffie-Hellman) in a cryptographic module accessible via the Microsoft CryptoAPI (CAPI)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/874", "Certificate Number": "874", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e Cryptographic Kernel Library", "Module Type": "Software", "Validation Date": "11/30/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp874.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/874", "detail_available": true, "module_name": "3e Cryptographic Kernel Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Kernel Library (CKL) is a software module that implements a set of cryptographic algorithms for use by a software application. The 3eTI CKL is a binary dynamic link library that is compiled from source code written in C, C++. This binary library resides in Windows kernel space." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/873", "Certificate Number": "873", "Vendor Name": "Rockwell Collins, Inc.", "Module Name": "Common Crypto Circuit Card Assembly", "Module Type": "Hardware", "Validation Date": "11/30/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp873.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/873", "detail_available": true, "module_name": "Common Crypto Circuit Card Assembly", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Common Crypto Circuit Card Assembly is a module designed for use in Link 16 communication platforms. The module can be used in an external cryptographic application or embedded in an internal application. The module hosts four commercial cryptographic algorithms for data encryption/decryption. The algorithms are stored in memory. One of the four algorithms is selected for use and loaded. The module accepts up to eight keys which are externally generated and loaded. The AES algorithm operates in a FIPS-approved mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/872", "Certificate Number": "872", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "PIX 525 and PIX 535", "Module Type": "Hardware", "Validation Date": "11/27/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp872.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/872", "detail_available": true, "module_name": "PIX 525 and PIX 535", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco PIX and ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. Cisco PIX Security Appliances and ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/871", "Certificate Number": "871", "Vendor Name": "Cavium Networks", "Module Name": "Nitrox XL NFB FIPS Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "11/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp871.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/871", "detail_available": true, "module_name": "Nitrox XL NFB FIPS Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Nitrox XL NFB FIPS Cryptographic Module is a cryptographic module integrated into a PCI card that provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/870", "Certificate Number": "870", "Vendor Name": "Cavium Networks", "Module Name": "Nitrox XL NFB FIPS Cryptographic Modules", "Module Type": "Hardware", "Validation Date": "11/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp870.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/870", "detail_available": true, "module_name": "Nitrox XL NFB FIPS Cryptographic Modules", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cavium Nitrox NFB Cryptographic Modules are a cryptographic component of the Nitrox PCI acceleration board that provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869", "Certificate Number": "869", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS)", "Module Type": "Software", "Validation Date": "11/27/200712/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp869.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869", "detail_available": true, "module_name": "Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-2 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-2 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868", "Certificate Number": "868", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "11/19/200712/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp868.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868", "detail_available": true, "module_name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced Cryptographic Provider is a FIPS 140-2 compliant, software-based, cryptographic module. RSAENH encapsulates several different cryptographic algorithms (including SHA-1, 3DES, AES, RSA, HMAC) in a cryptographic module accessible via the Microsoft CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/867", "Certificate Number": "867", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HICOS PKI Smart Card Chip", "Module Type": "Hardware", "Validation Date": "11/19/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp867.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/867", "detail_available": true, "module_name": "HICOS PKI Smart Card Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HICOS PKI Smart Card Chip module is a single chip implementation of a cryptographic module. The HICOS PKI Smart Card Chip module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HICOS PKI Smart Card Chip cryptographic module contains an implementation of the Open Platform (OP) Version 2.0.1 specification defining a secure infrastructure for post-issuance programmable smart card chips." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/866", "Certificate Number": "866", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-527A3 AirGuard™ Wireless Access Point,\n3e-527A3 AirGuard™ Wireless Access Point with Outdoor Option and\n3e-527A3MP AirGuard™ Wireless Access Point with Mobile Power", "Module Type": "Hardware", "Validation Date": "11/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp866.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/866", "detail_available": true, "module_name": "3e-527A3 AirGuard™ Wireless Access Point, 3e-527A3 AirGuard™ Wireless Access Point with Outdoor Option and 3e-527A3MP AirGuard™ Wireless Access Point with Mobile Power", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e-527A3 is a device that consists of electronic hardware, firmware, and a strong metal case. For purposes of FIPS 140-2, the module is considered to be a multi-chip standalone product. The 3e-527A3 operates as either a gateway connecting a local area network to wide area network (WAN) or as an access point within a local area network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/865", "Certificate Number": "865", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "Module Type": "Software", "Validation Date": "11/19/200712/20/200701/04/200810/16/200804/03/200908/20/201009/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp865.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/865", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/864", "Certificate Number": "864", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Key Management Facility Crypto Card (KMF CC)", "Module Type": "Hardware", "Validation Date": "11/13/200702/10/201101/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp864.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/864", "detail_available": true, "module_name": "Key Management Facility Crypto Card (KMF CC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola's Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola's APCO-25 compliant Astro radio systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/863", "Certificate Number": "863", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/16/200712/07/200703/07/200802/17/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp863.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/863", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/862", "Certificate Number": "862", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "11/07/200712/13/201302/12/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp862.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/862", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/861", "Certificate Number": "861", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Cryptographic Libraries for SSL", "Module Type": "Software", "Validation Date": "12/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp861.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/861", "detail_available": true, "module_name": "Oracle Cryptographic Libraries for SSL", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Oracle Cryptographic Libraries for SSL 10g (10.1.5) is a generic module used by the Oracle Corporation in a variety of its application suites. The module is used to provide support to cryptography, authentication, PKCS and certificate management for applications like the Oracle database server (Server and Client), Oracle Applications Server, Oracle Internet Directory, Web Cache and Apache. It provides a rich set of functionality and uses PKCS wallet structures for managing identities and trustpoints." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/860", "Certificate Number": "860", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Digital Interface Unit Crypto Module (DIU CM)", "Module Type": "Hardware", "Validation Date": "11/06/200701/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp860.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/860", "detail_available": true, "module_name": "Digital Interface Unit Crypto Module (DIU CM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola's Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola's APCO-25 compliant family of console and base station radio infrastructure equipment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/859", "Certificate Number": "859", "Vendor Name": "VMware, Inc.", "Module Name": "ACE Encryption Engine", "Module Type": "Software", "Validation Date": "11/06/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp859.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/859", "detail_available": true, "module_name": "ACE Encryption Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ACE Encryption Engine allows virtual machines to be encapsulated into files which can be saved, copied, and provisioned. VMware Software Cryptographic Implementation is the kernel implementation that enables the VMware ACE application to perform its cryptographic functions such as hashing, encryption, digital signing, etc." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/858", "Certificate Number": "858", "Vendor Name": "Motorola, Inc.", "Module Name": "Radio Network Controller Encryption Module Controller (RNC EMC)", "Module Type": "Hardware", "Validation Date": "11/06/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp858.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/858", "detail_available": true, "module_name": "Radio Network Controller Encryption Module Controller (RNC EMC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RNC 3000 provides data communications between mobile data and host applications in an ASTRO integrated voice and data system. The RNC Encryption Module Controller provides data encryption services for the RNC 3000." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/857", "Certificate Number": "857", "Vendor Name": "Tumbleweed Communications Corp.", "Module Name": "Tumbleweed Security Kernel", "Module Type": "Software", "Validation Date": "10/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp857.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/857", "detail_available": true, "module_name": "Tumbleweed Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Tumbleweed Security Kernel is a software module implemented as two dynamic libraries that provide all security functionalities for several products of Tumbleweed Communications Corp., including Validation Authority, SecureTransport, and MailGate." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/856", "Certificate Number": "856", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module V2.2", "Module Type": "Hardware", "Validation Date": "10/26/200711/20/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp856.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/856", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module V2.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/855", "Certificate Number": "855", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module for Luna® IS", "Module Type": "Hardware", "Validation Date": "10/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp855.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/855", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module for Luna® IS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna® PCI for Luna ® IS offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/854", "Certificate Number": "854", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module V2.2", "Module Type": "Hardware", "Validation Date": "10/26/200711/20/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp854.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/854", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module V2.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Luna PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.", "algorithms": [ "AES", "DES", "DSA", "ECDH", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/853", "Certificate Number": "853", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO HD", "Module Type": "Hardware", "Validation Date": "10/24/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp853.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/853", "detail_available": true, "module_name": "eToken PRO HD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken product offering provides a robust and flexible framework for integration with many of today's leading security solutions, providing a solution for strong authentication and password management needs. The eToken provides a complete set of easy-to-use password management applications that enable the user to securely store and manage all of their logon credentials on a single eToken device. They no longer need to remember numerous passwords for all of their applications and accounts - just the single eToken password." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/852", "Certificate Number": "852", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO, eToken NG-OTP and eToken NG-FLASH (128 MB, 512 MB and 1 GB)", "Module Type": "Hardware", "Validation Date": "10/24/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp852.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/852", "detail_available": true, "module_name": "eToken PRO, eToken NG-OTP and eToken NG-FLASH (128 MB, 512 MB and 1 GB)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken product offering provides a robust and flexible framework for integration with many of today's leading security solutions, providing a solution for strong authentication and password management needs. The eToken provides a complete set of easy-to-use password management applications that enable the user to securely store and manage all of their logon credentials on a single eToken device. They no longer need to remember numerous passwords for all of their applications and accounts - just the single eToken password." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/851", "Certificate Number": "851", "Vendor Name": "QUALCOMM Inc.", "Module Name": "Cryptographic Extension for BREW® Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/24/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp851.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/851", "detail_available": true, "module_name": "Cryptographic Extension for BREW® Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "QUALCOMMs Binary Runtime Environment for Wireless (BREW®) provides an integrated platform for developing, selling, and distributing wireless applications. The Cryptographic Extension for BREW® is a general-purpose, software-based cryptographic module packaged as a BREW® extension that can be invoked by BREW® applications to permit FIPS 140-2 Level 1 validated general-purpose cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/850", "Certificate Number": "850", "Vendor Name": "Doremi Labs", "Module Name": "Dolphin Board", "Module Type": "Hardware", "Validation Date": "10/18/200710/29/200711/12/200811/13/200806/07/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp850.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/850", "detail_available": true, "module_name": "Dolphin Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dolphin Board is a PCI-card that provides a standard definition/high definition serial digital interface. This is the Doremi decoder card that contains the JPEG-2000 decoder hardware and BNC serial digital interface connectors used in the Doremi DCP-2000 Digital Cinema Server. The Dolphin Board utilizes a dual-link encoded serial digital interface for output of DCIcompliant resolutions up to 2040x1080p24 (2K-film). It can also operate single link for lower resolution material (i.e., trailers, advertisements, etc.)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/849", "Certificate Number": "849", "Vendor Name": "Comtech Mobile Datacom Corporation", "Module Name": "MTM-203 Satellite Mobile Transceiver", "Module Type": "Hardware", "Validation Date": "10/18/200704/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp849.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/849", "detail_available": true, "module_name": "MTM-203 Satellite Mobile Transceiver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CMDC's MTM-203 is a small, low power L-Band satellite transceiver for power, weight and space-restrictive applications. The MTM-203 is designed for easy integration into systems that benefit from secure, near real-time, over-the-horizon communications. The MTM-203 is based on battlefield proven technology that enables many new applications, such as handheld and covert devices. The module provides messaging connectivity worldwide with other mobile and terrestrial connected users of CMDC's proprietary network. CMDC's products operate on a variety of satellite providers without reconfiguration." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/848", "Certificate Number": "848", "Vendor Name": "NetApp", "Module Name": "Decru DataFort SCSI SEP v1.0", "Module Type": "Hardware", "Validation Date": "10/18/200702/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp848.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/848", "detail_available": true, "module_name": "Decru DataFort SCSI SEP v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/847", "Certificate Number": "847", "Vendor Name": "NetApp", "Module Name": "Decru DataFort LKM SEP v1.0", "Module Type": "Hardware", "Validation Date": "10/18/200712/18/200702/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp847.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/847", "detail_available": true, "module_name": "Decru DataFort LKM SEP v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/846", "Certificate Number": "846", "Vendor Name": "NetApp", "Module Name": "Decru DataFort NAS SEP v1.0", "Module Type": "Hardware", "Validation Date": "10/18/200702/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp846.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/846", "detail_available": true, "module_name": "Decru DataFort NAS SEP v1.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/845", "Certificate Number": "845", "Vendor Name": "Utimaco® Safeware AG", "Module Name": "SafeGuard Cryptographic Engine", "Module Type": "Software", "Validation Date": "10/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp845.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/845", "detail_available": true, "module_name": "SafeGuard Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeGuard Cryptographic Engine (SGCE) is a high-performance cryptographic library. It provides cryptographic services to the following products from the SafeGuard solutions: SafeGuard Enterprise, SafeGuard PrivateDisk, SafeGuard LAN Crypt and SafeGuard PrivateCrypto." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/844", "Certificate Number": "844", "Vendor Name": "Giesecke & Devrient", "Module Name": "Sm@rtCafé Expert Embedded Security", "Module Type": "Hardware", "Validation Date": "10/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp844.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/844", "detail_available": true, "module_name": "Sm@rtCafé Expert Embedded Security", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Sm@rtCafé Expert Embedded Security was developed by G&D and constitutes a complete operating system for smart cards. Providing a complete set of International Organization for Standardization (ISO), Europay, MasterCard and Visa (EMV) and proprietary enhanced commands, the Sm@rtCafé Expert Embedded Security incorporates standards-based functionality along with its own optimized command set." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/843", "Certificate Number": "843", "Vendor Name": "iDirect", "Module Name": "7350 iNFINITI Satellite Router [1], iConnex-700 [2], iConnex-100 [3], M1D1-T Universal Line Card [4] and 8350 iNFINITI Satellite Router [5]", "Module Type": "Hardware", "Validation Date": "10/18/200702/06/200812/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp843.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/843", "detail_available": true, "module_name": "7350 iNFINITI Satellite Router [1], iConnex-700 [2], iConnex-100 [3], M1D1-T Universal Line Card [4] and 8350 iNFINITI Satellite Router [5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "An iDirect Time Division Multiple Access (TDMA) network is composed of a single outroute Single Channel Per Carrier (SCPC) and multiple inroute TDMA carriers. The iDirect TDMA network is optimized for satellite transmissions, squeezing the maximum performance out of the bandwidth provided by satellite links. The system is fully integrated with iDirectÆs Network Management System that provides configuration and monitoring functions. The iDirect network components consist of the Protocol Processor, Hub Line Card (also known as Universal Line Card), and the Ethernet switch with remote modem." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/842", "Certificate Number": "842", "Vendor Name": "Dolby Laboratories, Inc.", "Module Name": "CAT904 Dolby® JPEG2000/MPEG2 Processor", "Module Type": "Hardware", "Validation Date": "10/18/200703/19/200810/16/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp842.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/842", "detail_available": true, "module_name": "CAT904 Dolby® JPEG2000/MPEG2 Processor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CAT904 Dolby® JPEG2000/MPEG2 processor performs all the cryptography, license management, and video decoding functions for the DSP100 Dolby Show Player, which forms the nucleus of the Dolby Digital Cinema system. The system offers superb picture quality, outstanding reliability, and the highest level of security in the business. It includes support for JPEG 2000 playback, as specified by DCI, and MPEG-2 for compatibility with alternative content such as preshow advertising. The system also meets other key DCI specifications for security, data rate, and storage capacity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/841", "Certificate Number": "841", "Vendor Name": "M/A Com, Inc.", "Module Name": "P7170IPSystem Portable Two-Way FM Radios", "Module Type": "Hardware", "Validation Date": "09/21/200704/29/200803/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp841.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/841", "detail_available": true, "module_name": "P7170 IP System Portable Two-Way FM Radios", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The P7170 IP is M/A COM's premier portable radio for critical communications. Guided by customer feedback, M/A COM designed the P7170 IP to excel in the challenging environments that critical communications users encounter. The P7170 IP provides a superior combination of features, functions, and physical attributes. It is light and extremely durable, easy to use while wearing gloves, and produces loud and clear audio. A rugged high-tier portable, the P7170 IP provides exceptional performance even under adverse conditions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/840", "Certificate Number": "840", "Vendor Name": "M/A Com, Inc.", "Module Name": "P7130IPSelect, P7150IPScan Portable and M7100IPMobile Two-Way FM Radio", "Module Type": "Hardware", "Validation Date": "09/21/200704/29/200803/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp840.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/840", "detail_available": true, "module_name": "P7130 IP Select, P7150 IP Scan Portable and M7100 IP Mobile Two-Way FM Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "P7130 IP Select, P7150 IP Scan Portable and M7100 IP Mobile are M/A COM's premier radios for critical communications. Guided by customer feedback, M/A COM designed the P7130 IP , P7150 IP and M7100 IP to excel in the challenging environments that critical communications users encounter. The radios provide a superior combination of features, functions, and physical attributes. They are light and extremely durable, easy to use while wearing gloves, and produces loud and clear audio. A rugged high-tier portable, the radios provide exceptional performance even under adverse conditions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/839", "Certificate Number": "839", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "09/21/200710/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp839.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/839", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), and Deutsche Post's FrankIT New Generation Digital Franking program. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/838", "Certificate Number": "838", "Vendor Name": "Mitsubishi Electric Corporation Kamakura Works", "Module Name": "Command Encryption Module", "Module Type": "Firmware", "Validation Date": "09/11/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp838.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/838", "detail_available": true, "module_name": "Command Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/837", "Certificate Number": "837", "Vendor Name": "MRV Communications", "Module Name": "LX-4000T and LX-8000S Series Console Servers", "Module Type": "Hardware", "Validation Date": "09/11/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp837.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/837", "detail_available": true, "module_name": "LX-4000T and LX-8000S Series Console Servers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The LX-4000T and LX-8000S Series Console Servers are a key component of MRV╞s Out-of-Band Network solution. Out-of-Band Networks provide secure remote service port access and remote power control to devices in an organization╞s networks and infrastructures. This nearly eliminates the need for physical presence at a device to correct problems or manage its everyday operation. MRV╞s Out-of-Band Network solution includes console servers, terminal servers, device servers, remote power control and management system, making the LX Series an ideal choice for secure remote access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/836", "Certificate Number": "836", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Secure Generic Sub-System (SGSS), Version 3.4", "Module Type": "Hardware", "Validation Date": "09/11/200709/25/200712/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp836.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/836", "detail_available": true, "module_name": "Secure Generic Sub-System (SGSS), Version 3.4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure cryptographic resources to a number of products in the Thales e-Security portfolio. This includes the Datacryptor® 2000, Datacryptor® Advanced Performance and Small Form Factor family (Link, Frame Relay, E1/T1, E3/T3, and IP models), WebSentry™ family, HSM 8000 family, P3™ CM family, 3D Security Module and the SafeSign® Crypto Module. The SGSS contains a secure bootstrap and authenticates application loading using the Digital Signature Algorithm (DSA) and SHA-1 hashing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/835", "Certificate Number": "835", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna®PCM", "Module Type": "Hardware", "Validation Date": "09/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp835.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/835", "detail_available": true, "module_name": "Luna®PCM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna PCM cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services. Access to key material and cryptographic services for users and user application software is provided indirectly through the host appliance.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/834", "Certificate Number": "834", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Nokia VPN Appliance", "Module Type": "Hardware", "Validation Date": "09/05/200709/26/200705/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp834.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/834", "detail_available": true, "module_name": "Nokia VPN Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Nokia VPN Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/833", "Certificate Number": "833", "Vendor Name": "NetApp", "Module Name": "Decru DataFort SAN SEP v2.0", "Module Type": "Hardware", "Validation Date": "09/05/200701/26/200902/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp833.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/833", "detail_available": true, "module_name": "Decru DataFort SAN SEP v2.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/832", "Certificate Number": "832", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® CA4", "Module Type": "Hardware", "Validation Date": "09/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp832.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/832", "detail_available": true, "module_name": "Luna® CA4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna CA4 cryptographic module is a multi-chip standalone hardware cryptographic module in the form of a PCMCIA card that typically resides within a custom computing or secure communications appliance. It is contained in its own secure enclosure that provides physical resistance to tampering. The module provides secure key generation and storage for symmetric keys and asymmetric key pairs along with symmetric and asymmetric cryptographic services.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/831", "Certificate Number": "831", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Client", "Module Type": "Software", "Validation Date": "09/05/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp831.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/831", "detail_available": true, "module_name": "Fortress Secure Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Client identifies network devices and encrypts and decrypts traffic transmitted to and from those devices. A plug-and-play solution, the Client encrypts and decrypts communication across the network and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/830", "Certificate Number": "830", "Vendor Name": "Cryptek, Inc.", "Module Name": "CA100", "Module Type": "Software", "Validation Date": "09/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp830.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/830", "detail_available": true, "module_name": "CA100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CA100 is a centrally managed software IPSec client with VPN and firewall functionality. Unlike traditional IPSec software clients that have both the software client and associated policy locally stored on the client's system, the Cryptek CA100 user policies are stored and dynamically downloaded from our manager, the Cryptek CC200." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/829", "Certificate Number": "829", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Module for Palm OS 5", "Module Type": "Software", "Validation Date": "09/05/200703/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp829.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/829", "detail_available": true, "module_name": "Security Builder FIPS Module for Palm OS 5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder╜ FIPS Module is a standards-based cryptographic toolkit that provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/828", "Certificate Number": "828", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "Module Type": "Software", "Validation Date": "08/27/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp828.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/828", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/827", "Certificate Number": "827", "Vendor Name": "Research in Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "08/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp827.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/827", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/826", "Certificate Number": "826", "Vendor Name": "Giritech", "Module Name": "Cryptographic Support Library CryptFacility", "Module Type": "Software", "Validation Date": "08/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp826.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/826", "detail_available": true, "module_name": "Cryptographic Support Library CryptFacility", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. This module contains the embedded module Crypto++ validated to FIPS 140-2 under Cert. #562 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Girtech Cryptographic Support Library CryptFacility is a library implemented in the Giritech G/ON product line that performs all of its cryptographic functionality using a FIPS 140-2 validated library called Crypto++ (Cert #562)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825", "Certificate Number": "825", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows CE and Windows Mobile Enhanded Cryptographic Provider 6.00.1937 and Microsoft Windows Embedded Compact Enhanced Cryptographic Provider 7.00.1687", "Module Type": "Software", "Validation Date": "08/27/200711/26/200702/21/200801/16/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825", "detail_available": true, "module_name": "Microsoft Windows CE and Windows Mobile Enhanded Cryptographic Provider 6.00.1937 and Microsoft Windows Embedded Compact Enhanced Cryptographic Provider 7.00.1687", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft Windows Embedded Compact Enhanced Cryptographic Provider 7.00.1687 and the Microsoft Windows CE and Windows Mobile Enhanced Cryptographic Provider 6.00.1937 (RSAENH) are general-purpose, software-based, cryptographic modules for Windows Embedded Compact. Like cryptographic providers that ship with Microsoft Windows Embedded Compact, RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose cryptography. RSAENH meets the Level 1 FIPS 140-2 Validation requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/824", "Certificate Number": "824", "Vendor Name": "Hummingbird Connectivity, a Division of Open Text Corporation", "Module Name": "Hummingbird Cryptographic Module", "Module Type": "Software", "Validation Date": "08/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp824.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/824", "detail_available": true, "module_name": "Hummingbird Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Hummingbird Cryptographic Module is a library which provides encryption and decryption services to Hummingbird Connectivity software during SSL or SSH connections. The Hummingbird Cryptographic Module is used in Exceed, a windows-based X11 server, NFS Maestro, a suite of NFS clients and servers, HostExplorer, a desktop and web-based terminal emulation suite and Connectivity Secure Shell, an implementation of the Secure Shell 2 protocol. The Hummingbird Cryptographic Module is available from Hummingbird Connectivity, a division of Open Text Corporation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/823", "Certificate Number": "823", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 400 Smart Card", "Module Type": "Hardware", "Validation Date": "08/22/200702/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp823.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/823", "detail_available": true, "module_name": "Model 400 Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "SCCOS is a state-of-the-art operating system that offers wide range of authentication services together with the highest levels of security. It offers powerful implementaions for public and secret key encryption supporting RSA, DSA, Diffie-Hellman, SHA-1, Triple-DES, and AES." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/822", "Certificate Number": "822", "Vendor Name": "VIACK Corporation", "Module Name": "VIA3 VkCrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "08/17/200703/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp822.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/822", "detail_available": true, "module_name": "VIA3 VkCrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VIA3 VkCrypt Cryptographic Module is a software cryptographic module that implements symmetric and public key encryption, digital signatures, and hashing. VIA3 is a secure online collaboration solution integrating real-time audio and video, instant messaging, application sharing, and access to workspaces." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/821", "Certificate Number": "821", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ASA 5510, ASA 5520 and ASA 5540", "Module Type": "Hardware", "Validation Date": "08/17/200706/23/200803/06/200905/18/200905/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp821.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/821", "detail_available": true, "module_name": "ASA 5510, ASA 5520 and ASA 5540", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.", "algorithms": [ "AES", "DES", "ECDH", "HMAC", "RSA", "SHA", "SSH", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/820", "Certificate Number": "820", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J JCE Provider Module", "Module Type": "Software", "Validation Date": "08/13/200710/12/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp820.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/820", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J JCE Provider Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/819", "Certificate Number": "819", "Vendor Name": "Wei Dai", "Module Name": "Crypto++™ Library", "Module Type": "Software", "Validation Date": "08/13/200708/17/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp819.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/819", "detail_available": true, "module_name": "Crypto++™ Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto++ Library is a free, open source C++ class library providing public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms. Both 32-bit and 64-bit variants of the dynamic link library (DLL) are FIPS 140-2 Level 1 validated. The source code of the validated module is available upon request." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/818", "Certificate Number": "818", "Vendor Name": "Arcot Systems, Inc.", "Module Name": "Arcot Core Security Module", "Module Type": "Software", "Validation Date": "08/10/200710/16/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp818.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/818", "detail_available": true, "module_name": "Arcot Core Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Arcot Core Security Module provides FIPS-certified cryptographic functionality to Arcot's authentication, encryption/decryption and digital signing products -- ArcotID \"software smart card\", Arcot WebFort Authentication Server, Arcot SignFort, and Arcot TransFort for 3-D Secure compliance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/817", "Certificate Number": "817", "Vendor Name": "RELM Wireless Corporation", "Module Name": "DPHx Radio with LZA0577 or LZA0577/LZA0578 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "08/08/200710/15/200712/18/200704/29/200811/06/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp817.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/817", "detail_available": true, "module_name": "DPHx Radio with LZA0577 or LZA0577/LZA0578 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The DPHx Radio with OTAR is a multi-chip standalone cryptographic module encased in an opaque commercial grade enclosure. As a secure radio, the primary purpose for this device is to provide encrypted digital communication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/816", "Certificate Number": "816", "Vendor Name": "Neopost Industrie", "Module Name": "N95i/255 Secure Metering Module (SMM)", "Module Type": "Hardware", "Validation Date": "08/08/200708/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp816.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/816", "detail_available": true, "module_name": "N95i/255 Secure Metering Module (SMM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IJ40/50/60 are Neopost mid range of Franking products that incorporate the N95i secure metering module for producing highly secure franking impressions to meet USPS postal requirements. These products are connected to Neopost online services server for greater customer options including E-confirmation for mail tracking." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/815", "Certificate Number": "815", "Vendor Name": "Red Hat®, Inc. and Sun Microsystems, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module", "Module Type": "Software", "Validation Date": "08/08/200712/07/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp815.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/815", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/814", "Certificate Number": "814", "Vendor Name": "Red Hat®, Inc. and Sun Microsystems, Inc.", "Module Name": "Network Security Services (NSS) Cryptographic Module", "Module Type": "Software", "Validation Date": "08/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp814.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/814", "detail_available": true, "module_name": "Network Security Services (NSS) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/813", "Certificate Number": "813", "Vendor Name": "Xceedium, Inc.", "Module Name": "GateKeeper", "Module Type": "Hardware", "Validation Date": "08/07/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp813.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/813", "detail_available": true, "module_name": "GateKeeper", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Xceedium's GateKeeper is a hardened appliance that functions as a secure centralized management platform that enables IT operations to remotely manage data centers as one integrated system. A standardized security model can be developed to mitigate the risks of \"untrusted\" users; provide centralized access and policy, compartmentalize down to the port, define good and bad behavior, alert and restrict access to applications or commands. GateKeeper provides touch free support and includes all access methods and tools for in-band, out-of-band and power control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/812", "Certificate Number": "812", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J Software Module", "Module Type": "Software", "Validation Date": "08/07/200710/12/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp812.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/812", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/811", "Certificate Number": "811", "Vendor Name": "Utimaco® Safeware AG", "Module Name": "CryptoServer CS", "Module Type": "Hardware", "Validation Date": "07/31/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp811.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/811", "detail_available": true, "module_name": "CryptoServer CS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CryptoServer CS is an encapsulated, highly tamper protected hardware security module which provides secure cryptographic services like encryption or decryption, hashing, signing and verifying of data, random number generation, on-board secure key generation, key storage, and further key management functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/810", "Certificate Number": "810", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-1000A and FortiGate-3600", "Module Type": "Hardware", "Validation Date": "07/31/200702/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp810.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/810", "detail_available": true, "module_name": "FortiGate-1000A and FortiGate-3600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/809", "Certificate Number": "809", "Vendor Name": "AirMagnet, Inc.", "Module Name": "SmartEdge Sensor AM-5010-11-AG, AM-5012-11AG, A5020 and A5023", "Module Type": "Hardware", "Validation Date": "07/31/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp809.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/809", "detail_available": true, "module_name": "SmartEdge Sensor AM-5010-11-AG, AM-5012-11AG, A5020 and A5023", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SmartEdge Sensor is equipped with patent pending AirWISE Analytical Engine that, in real time, monitors and analyzes the security, performance, and reliability of the wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/808", "Certificate Number": "808", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics SG100 and CipherOptics SG1002", "Module Type": "Hardware", "Validation Date": "07/31/200706/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp808.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/808", "detail_available": true, "module_name": "CipherOptics SG100 and CipherOptics SG1002", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CipherOptics SG100 and SG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/807", "Certificate Number": "807", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-200A/200A-HD, 300A/300A-HD and 500A/500A-HD", "Module Type": "Hardware", "Validation Date": "07/31/200702/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp807.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/807", "detail_available": true, "module_name": "FortiGate-200A/200A-HD, 300A/300A-HD and 500A/500A-HD", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/806", "Certificate Number": "806", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Universal Crypto Module (UCM)", "Module Type": "Hardware", "Validation Date": "07/31/200704/04/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp806.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/806", "detail_available": true, "module_name": "ASTRO Subscriber Universal Crypto Module (UCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/805", "Certificate Number": "805", "Vendor Name": "NetWeave Integrated Solutions, Inc.", "Module Name": "NetWeave Distributed Services NSK/D30", "Module Type": "Software", "Validation Date": "07/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp805.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/805", "detail_available": true, "module_name": "NetWeave Distributed Services NSK/D30", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "NetWeave Distributed Services (NWDS) is a heterogeneous middleware product that provides a broad base of cross-platform computing services built on a secure high-performance messaging core. While NWDS runs on a variety of platforms, HP systems, particularly the HP NonStopTM Kernel can be found at the core of many NWDS implementations. Specifically, the NWDS NSK/D30 implementation supports HP NSK D39 environments. In all environments, NWDS was standardized on the XYGATE® Encryption Software Development Kit by XYPRO® for its cryptographic services, performance, flexibility and platform coverage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/804", "Certificate Number": "804", "Vendor Name": "XYPRO® Technology Corporation", "Module Name": "XYGATE® /ESDK", "Module Type": "Software", "Validation Date": "07/26/200708/17/200711/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp804.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/804", "detail_available": true, "module_name": "XYGATE® /ESDK", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The XYGATE Encryption Software Development Kit [XESDK] is a dynamically linked software library that supplies: symmetric key encryption including the approved AES and TripleDES; hashing algorithms including the approved SHA-1 and SHA-256; public key encryption including RSA; signature algorithms including the approved RSA and DSA; secure session protocols such as SSH, SSL and TLS; and e-mail protocols such as PGP and S/MIME." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/803", "Certificate Number": "803", "Vendor Name": "KoolSpan, Inc.", "Module Name": "SecurEdge Lock", "Module Type": "Hardware", "Validation Date": "07/26/200708/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp803.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/803", "detail_available": true, "module_name": "SecurEdge Lock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "This module contains the embedded module Axalto Cryptoflex e-Gate 32 smart card validated to FIPS 140-2 under Cert. #242 operating in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KoolSpan Lock is a VHS-Cassette sized device that authenticates users and bridges their Ethernet traffic onto the network. It contains an embedded Smart Card and cryptographic processor. The case is tamper-resistant. Each Lock can support up to 512 simultaneous users each with 256-bit AES encryption. The Lock supports a \"Keyless Exchange\" and provides both Wi-Fi security and Remote Access (VPN) connections." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/802", "Certificate Number": "802", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Authority™ Security Toolkit 7.2 for the Java® Platform", "Module Type": "Software", "Validation Date": "07/26/200708/07/200705/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp802.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/802", "detail_available": true, "module_name": "Entrust Authority™ Security Toolkit 7.2 for the Java® Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Entrust Authority™ Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/801", "Certificate Number": "801", "Vendor Name": "Secured User Inc.", "Module Name": "SUSK Security Module", "Module Type": "Software", "Validation Date": "07/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp801.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/801", "detail_available": true, "module_name": "SUSK Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SUSK Security Module is a software-based cryptographic module. Secured User's product performs all of its work by transparently intercepting and transforming the data stream between entities. All of the cryptographic functionalities of the Secured User product are provided by the central shared library, SUSK Security Module. The cryptographic module offers Transport Layer Security (TLS) services along with bulk encryption and hashing services exclusively to Secured User application. This application is considered as host application to the module." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/800", "Certificate Number": "800", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X-2 Postal Security Device", "Module Type": "Hardware", "Validation Date": "07/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp800.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/800", "detail_available": true, "module_name": "Cygnus X-2 Postal Security Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Cygnus X-2 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The PSD employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/799", "Certificate Number": "799", "Vendor Name": "Polycom, Inc.", "Module Name": "VSX 7000e and VSX 8000", "Module Type": "Hardware", "Validation Date": "07/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp799.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/799", "detail_available": true, "module_name": "VSX 7000e and VSX 8000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Polycom VSX products are state of the art video-conferencing nodes. These systems provide video-conferencing facilities using all the popular telecommunication protocols such as H.320 H.323, and Session Initiation Protocol (SIP) and include support of Integrated Services Digital Network (ISDN), Primary rate and Basic rate as well as serial interfaces for V.35, RS-499 and RS-530." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/798", "Certificate Number": "798", "Vendor Name": "Polycom, Inc.", "Module Name": "VSX 3000, VSX 5000, and VSX 7000s", "Module Type": "Hardware", "Validation Date": "07/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp798.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/798", "detail_available": true, "module_name": "VSX 3000, VSX 5000, and VSX 7000s", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Polycom VSX products are state of the art video-conferencing nodes. These systems provide video-conferencing facilities using all the popular telecommunication protocols such as H.320 H.323, and Session Initiation Protocol (SIP) and include support of Integrated Services Digital Network (ISDN), Primary rate and Basic rate as well as serial interfaces for V.35, RS-499 and RS-530." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/797", "Certificate Number": "797", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Security Kernel", "Module Type": "Software", "Validation Date": "07/03/200705/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp797.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/797", "detail_available": true, "module_name": "Entrust Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and the runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PCKS #11, is used as the internal interface to hardware-based cryptographic tokens." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/796", "Certificate Number": "796", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Security Controller (FC-X)", "Module Type": "Hardware", "Validation Date": "07/02/200711/26/200704/04/200805/09/200801/26/200903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp796.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/796", "detail_available": true, "module_name": "Fortress Security Controller (FC-X)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Security Controller (FC-X) is a high performance electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a custom built multiple processor hardware platform and deployable on any LAN or WAN, the Fortress Security Controller (FC-X) provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/795", "Certificate Number": "795", "Vendor Name": "ViaSat, Inc.", "Module Name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/26/200708/31/200707/09/200807/08/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp795.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/795", "detail_available": true, "module_name": "Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ViaSat Enhanced Bandwidth Efficient Modem (EBEM-500) series Satcom Modem provides the latest in efficient modulation and coding for point-to-point Satcom connections. The EBEM-500 series offers embedded encryption, integrating the security functions into the modem to provide an integrated secure Satcom modem product. The EBEM-500 series is backward compatible with a wide range of legacy Satcom modems currently in use and supports the new improved efficiency modulation and coding. The EBEM-500 series supports user base-band data rates from 64 kbps up to 155.52 Mbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/794", "Certificate Number": "794", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress® Wireless Security Gateway", "Module Type": "Hardware", "Validation Date": "07/02/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp794.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/794", "detail_available": true, "module_name": "AirFortress® Wireless Security Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress® Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AirFortress® Wireless Security Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/793", "Certificate Number": "793", "Vendor Name": "Sagem Orga", "Module Name": "J-IDMark 64 Open", "Module Type": "Hardware", "Validation Date": "06/26/200704/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp793.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/793", "detail_available": true, "module_name": "J-IDMark 64 Open", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The J-IDMark 64 Open is a single chip cryptographic module, which combines an implementation of the latest Sun Java Card TM (Rev 2.2.1) [JCS] / Global Platform (Rev 2.1.1)[GP] specifications with a dual interface chip (with both ISO 7816 contact and ISO 14443 contactless protocols). The module meets the requirements to the FIPS 140-2, Level 4 for physical security, and to the Level 3 for other areas. The module loads and runs applets written in Java programming language. Additional features include biometric & PKI APIs in order to run \"Match On Card\" and cryptographic services properly.", "algorithms": [ "AES", "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/792", "Certificate Number": "792", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Java Module", "Module Type": "Software", "Validation Date": "06/26/200707/20/200710/12/200703/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp792.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/792", "detail_available": true, "module_name": "Security Builder® FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder® FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder® PKI and Security Builder® SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/791", "Certificate Number": "791", "Vendor Name": "Research in Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "06/21/200706/21/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp791.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/791", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry® ." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/790", "Certificate Number": "790", "Vendor Name": "Oberthur Card Systems", "Module Name": "Oberthur ID-One Cosmo 64 v5.4 D", "Module Type": "Hardware", "Validation Date": "06/19/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp790.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/790", "detail_available": true, "module_name": "Oberthur ID-One Cosmo 64 v5.4 D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This single chip module offers a highly secure architecture with state of the art on board cryptographic services such as Triple DES (128 and 192), AES (up to 256 bits), RSA (up to 2048) with ANSI X9.31 on board key generation, SHA1 & SHA 256, ISO 9796, ISO 9797, PKCS#1.5, OAEP, OSS, etc. Additional features include fingerprint Match on Card (ISO 19794-2), Logical Channels and Delegated Management. The module supports Java Card 2.2.1 and Global Platform 2.1.1.A. It is available with up to three communication interfaces (ISO 7816, ISO 14443 & USB)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/789", "Certificate Number": "789", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-5050", "Module Type": "Hardware", "Validation Date": "06/19/200702/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp789.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/789", "detail_available": true, "module_name": "FortiGate-5050", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/788", "Certificate Number": "788", "Vendor Name": "Neopost Industrie", "Module Name": "IJ25 Secure Metering Module (SMM)", "Module Type": "Hardware", "Validation Date": "06/19/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp788.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/788", "detail_available": true, "module_name": "IJ25 Secure Metering Module (SMM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides services to a small office postal meter. The system's features include hand postage printing using ink jet technology, weighing scale interface, internal modem for remote recrediting, memory card for slogan and rate loading." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/787", "Certificate Number": "787", "Vendor Name": "Attachmate Corporation", "Module Name": "Attachmate Security Component for Java", "Module Type": "Software", "Validation Date": "06/21/200704/29/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp787.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/787", "detail_available": true, "module_name": "Attachmate Security Component for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Attachmate Security Component for Java provides SSL/TLS and cryptographic services for the Attachmate Reflection for the Web product. Reflection for the Web provides centrally managed terminal emulation within a web browser. This cross-platform, server-based solution connects users to applications on IBM, HP, Unix, and OpenVMS hosts, meeting host access needs while minimizing management costs, maximizing IT flexibility, and ensuring high-level security for administrative, terminal emulation, printer emulation, and file transfer operations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/786", "Certificate Number": "786", "Vendor Name": "L-3 Communications Linkabit", "Module Name": "MPM-1000", "Module Type": "Hardware", "Validation Date": "06/19/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp786.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/786", "detail_available": true, "module_name": "MPM-1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The MPM-1000 is a dual-use civilian/military modem used to transport IP data traffic over satellite communication links using a secure Multi-Frequency Time Division Multiple Access (MF-TDMA) protocol. The MPM-1000 also functions as a MIL-STD-165A modem for use in Single Channel Per Carrier (SCPC) Frequency Division Multiple Access (FDMA) satellite communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/785", "Certificate Number": "785", "Vendor Name": "Siemens PLM Software Inc.", "Module Name": "Teamcenter Cryptographic Module", "Module Type": "Software", "Validation Date": "06/14/200704/09/201006/27/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp785.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/785", "detail_available": true, "module_name": "Teamcenter Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Teamcenter powers innovation and productivity by connecting people and processes with knowledge. Teamcenter is the de facto standard for PLM deployment, providing solutions to drive business performance goals. This includes the need to increase the yield of innovation, compress time-to-market, meet business and regulatory requirements, optimize operational resources and maximize globalization advantages. With this FCAP-FIPS certification status, Teamcenter now offers the best in class and highest levels of encryption to our security-conscious customers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/784", "Certificate Number": "784", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Reflex Magnetics Cryptographic Library", "Module Type": "Software", "Validation Date": "06/14/200705/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp784.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/784", "detail_available": true, "module_name": "Reflex Magnetics Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Reflex Magnetics Cryptographic Library v1.0 provides cryptographic support for the Check Point Software Technologies Ltd software products. The module is used to perform various cryptographic services including pseudo random number generation, and encryption/decryption using symmetric and asymmetric algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/783", "Certificate Number": "783", "Vendor Name": "Global Relief Technologies, LLC.", "Module Name": "Rapid Data Management Software (RDMS)", "Module Type": "Software", "Validation Date": "06/14/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp783.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/783", "detail_available": true, "module_name": "Rapid Data Management Software (RDMS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Rapid Data Management Software (RDMS) is a software application developed by Global Relief Technologies (GRT) designed for installation on a Personal Digital Assistant (PDA) and cellular communications devices. The device is used during humanitarian and relief efforts in order to gather data and information quickly about the surrounding area to better decide where to allocate resources and what resources are needed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/782", "Certificate Number": "782", "Vendor Name": "Schweitzer Engineering Laboratories, Inc.", "Module Name": "SEL-3021 Serial Encrypting Transceiver", "Module Type": "Hardware", "Validation Date": "06/14/200706/20/200705/20/200801/26/200903/30/200912/08/200911/16/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp782.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/782", "detail_available": true, "module_name": "SEL-3021 Serial Encrypting Transceiver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SEL-3021 Serial Encrypting Transceiver is a bump-in-the-wire encryption device providing strong cryptographic security to new serial communications links and an easy and effective security solution for existing serial communications networks. It is for use on both point-to-point byte oriented communications links and multi-drop networks. The SEL-3021 has preset configuration settings for popular SCADA or PCS protocols like DNP and MODBUS common to PLCs and RTUs. The SEL-3021 also has support for standard MODEM communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/781", "Certificate Number": "781", "Vendor Name": "ARX (Algorithmic Research)", "Module Name": "PrivateServer", "Module Type": "Hardware", "Validation Date": "06/14/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp781.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/781", "detail_available": true, "module_name": "PrivateServer", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The PrivateServer is a high-performance cryptographic service provider. The PrivateServer performs high-speed cryptographic operations while protecting sensitive data. Its features include DES, Triple-DES, AES, DES-MAC, Triple-DES-MAC, RSA, SHA-1, SHA-256, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/780", "Certificate Number": "780", "Vendor Name": "Gemalto", "Module Name": "SafesITe Large Memory Dual Interface Open Platform card", "Module Type": "Hardware", "Validation Date": "05/31/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp780.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/780", "detail_available": true, "module_name": "SafesITe Large Memory Dual Interface Open Platform card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafesITe Large Memory Dual Interface Open Platform card provides powerful features that drive PKI applications, digital signature and access control. With a large data storage capacity and two communication interfaces (contact and contactless), the SafesITe smartcard serves as a highly portable credential for securing personal identity, fraud prevention and supporting issuers' e-services strategies" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/779", "Certificate Number": "779", "Vendor Name": "ViaSat UK Ltd.", "Module Name": "FlagStone Core", "Module Type": "Hardware", "Validation Date": "05/18/200709/12/200707/27/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp779.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/779", "detail_available": true, "module_name": "FlagStone Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FlagStone Core is a multi-chip embedded cryptographic module used within the FlagStone Corporate and the FlagStone Freedom Drives. The FlagStone Core and subsequently the FlagStone Drives utilising the FlagStone Core provide access control and data encryption services to protect access to data stored on a HDD (Hard Disk Drive). All accessible sectors on a HDD connected to a FlagStone Core are encrypted." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/778", "Certificate Number": "778", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Cryptographic Accelerator 6000", "Module Type": "Hardware", "Validation Date": "05/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp778.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/778", "detail_available": true, "module_name": "Sun Cryptographic Accelerator 6000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sun Cryptographic Accelerator 6000 (SCA-6000) is a high performance hardware security module for Sun platforms (SPARC, x86, x64). It is a low-profile, short PCI-E (X8) card consisting of on-board cryptographic acceleration hardware and a secure cryptographic key store. SCA-6000 supports remote management functions. It has serial and USB ports for local administration. It enhances platform performance by off-loading compute intensive cryptographic calculations by accelerating both IPsec and SSL processing, and by performing many financial service functions. Supported on Linux and Solaris-10" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/777", "Certificate Number": "777", "Vendor Name": "Imation Corp.", "Module Name": "Stealth MXP Passport", "Module Type": "Hardware", "Validation Date": "05/18/200708/07/200709/25/200711/06/200712/20/200701/28/200806/23/200805/31/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp777.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/777", "detail_available": true, "module_name": "Stealth MXP Passport", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Stealth MXP Passport is a USB mass storage device which implements hardware encryption dependant on user authentication. It provides not only secure encrypted storage, but management of digital identity credentials used for authentication and verification to enterprise and personal services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/776", "Certificate Number": "776", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® Kernel Mode Cryptographic Driver™ for Linux", "Module Type": "Software", "Validation Date": "05/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp776.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/776", "detail_available": true, "module_name": "F-Secure® Kernel Mode Cryptographic Driver™ for Linux", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure« Cryptographic LibraryÖ is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The modules are designed and implemented to meet the Level 1 requirements of FIPS publication 140-2 when running on a GPC under various popular versions of Windows and Unix operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/775", "Certificate Number": "775", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C", "Module Type": "Software", "Validation Date": "05/18/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp775.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/775", "detail_available": true, "module_name": "IBM® Crypto for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ICC is a C language implementation of cryptographic functions which uses the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/774", "Certificate Number": "774", "Vendor Name": "Sagem Orga", "Module Name": "J-IDMark 64 PIV", "Module Type": "Hardware", "Validation Date": "05/18/200704/29/200802/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp774.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/774", "detail_available": true, "module_name": "J-IDMark 64 PIV", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The J-IDMark 64 PIV is a single chip cryptographic module, which combines a PIV FIPS 201 compliant applet (SP 800-73) loaded on J-IDMark 64 Open, a dual (contact & contactless) interface platform compliant with the latest Java CardTM 2.2/Global Platform 2.1.1 specifications, FIPS 140-2 Level 3 Approved and Level 4 Approved for physical security. Thus J-IDMark 64 PIV module is a reliable and standardized solution for PIV systems, which allow managing physical and logical access to Federal government facilities and systems, by help of identity credentials.", "algorithms": [ "AES", "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/773", "Certificate Number": "773", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Client", "Module Type": "Software", "Validation Date": "05/18/200706/20/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp773.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/773", "detail_available": true, "module_name": "Fortress Secure Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/772", "Certificate Number": "772", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "05/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp772.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/772", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/771", "Certificate Number": "771", "Vendor Name": "Gemalto", "Module Name": "GemXpresso R4 E36/E72 PK - MultiApp ID 36K/72K - TOP IM GX4", "Module Type": "Hardware", "Validation Date": "05/08/200702/23/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp771.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/771", "detail_available": true, "module_name": "GemXpresso R4 E36/E72 PK - MultiApp ID 36K/72K - TOP IM GX4", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "GemXpresso R4 E36/E72 PK is based on a Gemplus Open OS Smart Card with a large EEPROM memory. The Smart Card platform provides Random Number generation, 3DES, AES, SHA-1 and RSA up to 2048 bits key length as well as RSA On Board Key generation up to 2048 bits long. The module conforms to Java Card 2.2.1 and Global Platform 2.1.1 standards, and is particularly designed to support any application dedicated to meet the very demanding requirements of multi-application government & enterprise security programs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/770", "Certificate Number": "770", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Check Point Crypto Core", "Module Type": "Software", "Validation Date": "05/08/200704/29/200809/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp770.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/770", "detail_available": true, "module_name": "Check Point Crypto Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Check Point Crypto Core is a 140-2 Level 1 cryptographic module for Win 2K/XP/2K3/Vista, Check Point Pre-Boot, Win Mobile 5, Symbian 9 and Mac OS X. The module provides cryptographic services accessible in pre-boot mode, kernel mode and user mode on the respective platforms through implementation of platform specific binaries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/769", "Certificate Number": "769", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)", "Module Type": "Software", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp769.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/769", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Novell International Cryptographic Infrastructure (NICI) is a cryptographic module written in C that employs the BSAFE library to provides keys, algorithms, key storage and usage mechanisms, and a key management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/768", "Certificate Number": "768", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)", "Module Type": "Software", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp768.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/768", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Novell International Cryptographic Infrastructure (NICI) is a cryptographic module written in C that employs the BSAFE library to provides keys, algorithms, key storage and usage mechanisms, and a key management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/767", "Certificate Number": "767", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)", "Module Type": "Software", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp767.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/767", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Novell International Cryptographic Infrastructure (NICI) is a cryptographic module written in C that employs the BSAFE library to provides keys, algorithms, key storage and usage mechanisms, and a key management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/766", "Certificate Number": "766", "Vendor Name": "Attachmate Corporation", "Module Name": "Attachmate Crypto Module", "Module Type": "Software", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp766.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/766", "detail_available": true, "module_name": "Attachmate Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Attachmate Crypto Module is used in a range of solutions from Attachmate, provider of host connectivity, systems and security management, and PC lifecycle management products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/765", "Certificate Number": "765", "Vendor Name": "PGP Corporation", "Module Name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "Module Type": "Software", "Validation Date": "05/04/200705/08/200710/22/200703/07/200807/28/200808/21/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp765.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/765", "detail_available": true, "module_name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/764", "Certificate Number": "764", "Vendor Name": "Futurex", "Module Name": "Excrypt Cryptographic Module", "Module Type": "Hardware", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp764.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/764", "detail_available": true, "module_name": "Excrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Excrypt Cryptographic Module (ECM) is a tamper-resistant / responding PCI compatible universal module that provides secure cryptographic processing. The ECM features an Ethernet 10 / 100 interface supporting up to 999 sockets, a serial port, and 1000 3DES / 1000 4096-bit RSA battery backed key storage. The ECM provides TDES and PKI support for key management and electronic payment / funds transfer security. The ECM is used in the ExcryptTM SSP, RMC, PCE, KMS, and SKI Series products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/763", "Certificate Number": "763", "Vendor Name": "Atmel Corporation", "Module Name": "jNet Citadel-OS on Atmel AT90SC144144CT", "Module Type": "Hardware", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp763.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/763", "detail_available": true, "module_name": "jNet Citadel-OS on Atmel AT90SC144144CT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The jNet Citadel-OS on Atmel AT90SC144144CT is a Personal Identity Verification Smart Card, HSPD-12 implementation with dual interface I/O. The secure, smart card native OS is fully compliant with NIST 800-73-1 and FIPS PUB 201-1 requirements. The module is used for physical and logical access control to government resources. The AT90SC144144CT is a low-power, high-performance, 8/16-bit microcontroller with Flash program memory and EEPROM data memory, based on the secureAVR enhanced RISC architecture." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/762", "Certificate Number": "762", "Vendor Name": "Data-Pac Mailing Systems Corp.", "Module Name": "AMERICA2 (PSD)", "Module Type": "Hardware", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp762.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/762", "detail_available": true, "module_name": "AMERICA2 (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The AMERICA2 (PSD) is a cryptographically secure, tamper proof device capable of storing customer postal credit and then dispensing valid postal indicia. As an embedded multi-chip Cryptographic Device, the AMERICA2 is enclosed within a tamper-response envelope that prevents all physically invasive attacks while still ensuring the retention of all postal data. The AMERICA2 (PSD) generates HMAC indicia as part of Data-Pac's IBI Light Symmetric postage system, which obviates the need for the digital signature used in traditional IBI franking. Data-Pac embeds the AMERICA2 into its line of Digit" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/761", "Certificate Number": "761", "Vendor Name": "Gemalto", "Module Name": "Cyberflex Access E-gate V3", "Module Type": "Hardware", "Validation Date": "05/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp761.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/761", "detail_available": true, "module_name": "Cyberflex Access E-gate V3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cyberflex Access E-gate V3 smart card can be employed in solutions which provide secure PKI (public key infrastructure) and digital signature technology. The Cyberflex Access E-gate V3 serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. The card incorporates the conventional ISO 7816-3 interface, as well as the USB interface normally resident in the smart card reader, making it especially suitable for usage as a USB token." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/760", "Certificate Number": "760", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress® Wireless Security Gateway", "Module Type": "Hardware", "Validation Date": "04/23/200705/22/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp760.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/760", "detail_available": true, "module_name": "AirFortress® Wireless Security Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress® Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AirFortress® Wireless Security Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/759", "Certificate Number": "759", "Vendor Name": "Icom Inc.", "Module Name": "Digital Unit UT-120 #10 and #11", "Module Type": "Hardware", "Validation Date": "04/13/200711/26/200712/03/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp759.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/759", "detail_available": true, "module_name": "Digital Unit UT-120 #10 and #11", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The UT-120 is an optional unit available for Icom radios that provides digital transmission and reception capabilities, as well as, providing secure communication with FIPS approved AES and non-FIPS approved DES." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/758", "Certificate Number": "758", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "PIX 525 and PIX 535", "Module Type": "Hardware", "Validation Date": "04/11/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp758.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/758", "detail_available": true, "module_name": "PIX 525 and PIX 535", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco PIX and ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. Cisco PIX Security Appliances and ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/757", "Certificate Number": "757", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark PrintCryption", "Module Type": "Firmware", "Validation Date": "04/11/200705/22/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp757.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/757", "detail_available": true, "module_name": "Lexmark PrintCryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Lexmark PrintCryption Card is an option for the Lexmark T, C, W, and X series of output devices that enables the printing of host encrypted data. With this option installed, the printer is capable of decrypting print jobs encrypted with the AES algorithm. The Lexmark PrintCryption Card analyses the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the confidential document to be printed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/756", "Certificate Number": "756", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Secure Wireless Access Bridge ES520", "Module Type": "Hardware", "Validation Date": "04/11/200705/22/200712/07/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp756.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/756", "detail_available": true, "module_name": "Fortress Secure Wireless Access Bridge ES520", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Secure Wireless Access Bridge is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/755", "Certificate Number": "755", "Vendor Name": "Sharp Corporation", "Module Name": "SHARP JCOP31ID FIPS", "Module Type": "Hardware", "Validation Date": "04/11/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp755.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/755", "detail_available": true, "module_name": "SHARP JCOP31ID FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The single-chip module is a 16-bit Sharp processor and a specifically modified version of the IBM JCOP 31-ID Java Card software satisfying the FIPS 140-2 requirements. The single-chip module provides an operational environment with up to 640 kBytes of Cryptographic Officer/Issuer available non-volatile memory. The defined user space allows for multiple validated applets to be concurrently loaded and used, as well as supporting re-issuance capability. The primary purpose for this device is to provide data security for Personnel Identification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/754", "Certificate Number": "754", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/02/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp754.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/754", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/753", "Certificate Number": "753", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "04/02/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp753.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/753", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/752", "Certificate Number": "752", "Vendor Name": "SecureLogix Corporation", "Module Name": "ETM® System Software Application Java Comm Crypto Module, Version 5.0", "Module Type": "Software", "Validation Date": "03/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp752.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/752", "detail_available": true, "module_name": "ETM® System Software Application Java Comm Crypto Module, Version 5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ETM System is a PBX/soft switch-independent, easy-to-use platform that supports security and management applications for real-time visibility, security, and control of telecommunications resources across the enterprise. Some of the key components of the ETM System are: the Management Server, Report Server, Performance Manager, and Usage Manager. These components are written in the Java programming language and are used in a distributed architecture across an enterprise LAN or WAN. These components utilize a library of Triple DES encryption routines to secure their network communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/751", "Certificate Number": "751", "Vendor Name": "SecureLogix Corporation", "Module Name": "ETM® System Software Application C Comm Crypto Module, Version 5.0", "Module Type": "Software", "Validation Date": "03/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp751.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/751", "detail_available": true, "module_name": "ETM® System Software Application C Comm Crypto Module, Version 5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ETM System is a PBX/soft switch-independent, easy-to-use platform that supports security and management applications for real-time visibility, security, and control of telecommunications resources across the enterprise. The ETM System's C Language Applications Dynamic Link Library provides Triple DES encryption routines for Windows-based ETM Applications. The C Language DLL is used to secure network communications between the ETM Collection Server and ETM Call Recorder Cache Appliances." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/750", "Certificate Number": "750", "Vendor Name": "IBM® Corporation", "Module Name": "IBM CryptoLite for C", "Module Type": "Software", "Validation Date": "03/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp750.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/750", "detail_available": true, "module_name": "IBM CryptoLite for C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM CryptoLite is a C software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/749", "Certificate Number": "749", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Hitachi One-Passport PKI Card Application on Athena Smartcard Solutions OS755 for Renesas XMobile Card Module", "Module Type": "Hardware", "Validation Date": "03/23/200704/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp749.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/749", "detail_available": true, "module_name": "Hitachi One-Passport PKI Card Application on Athena Smartcard Solutions OS755 for Renesas XMobile Card Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The One-Passport PKI solution provides a remote access environment through the Internet for general commercial uses by private companies. It consists of XMC Cards, PC Software, and PDA Software. Under the One-Passport PKI environment, employees such as sales persons can access their corporate mail servers and other corporate information from their satellite office, home, or other places outside the office. In order to avoid unexpected leakage of information during such remote access, the One-Passport PKI solution uses the VPN technique and PKI based authentication method.", "algorithms": [ "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/748", "Certificate Number": "748", "Vendor Name": "Imation Corp.", "Module Name": "Stealth MXP", "Module Type": "Hardware", "Validation Date": "03/14/200705/01/200708/07/200709/25/200711/06/200712/20/200701/28/200806/23/200805/31/201104/24/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp748.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/748", "detail_available": true, "module_name": "Stealth MXP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Stealth MXP is a USB mass storage device which implements hardware encryption dependant on user authentication. It provides not only secure encrypted storage, but management of digital identity credentials used for authentication and verification to enterprise and personal services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/747", "Certificate Number": "747", "Vendor Name": "SecureLogix Corporation", "Module Name": "ETM® System Firmware Appliance C Comm Crypto Module, Version 5.0", "Module Type": "Firmware", "Validation Date": "03/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp747.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/747", "detail_available": true, "module_name": "ETM® System Firmware Appliance C Comm Crypto Module, Version 5.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip embedded", "description": "The ETM System is a PBX/soft switch-independent, easy-to-use platform that supports security and management applications for real-time visibility, security, and control of telecommunications resources across the enterprise. Primary components of the ETM System are the ETM Appliances, custom designed devices installed inline on the telecommunication circuits to monitor and control VoIP, PRI, CAS, SS7, and analog voice traffic. The system uses a C library of TDES encryption routines to secure their network communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/746", "Certificate Number": "746", "Vendor Name": "Sierra Nevada Corporation", "Module Name": "STS Secure for Linux", "Module Type": "Software", "Validation Date": "03/23/200706/13/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp746.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/746", "detail_available": true, "module_name": "STS Secure for Linux", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Linux is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA) and the Netfilter Driver, that runs on a general purpose computer. It is the basis for Inter-4's TACTI-NET networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless and/or wired traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/745", "Certificate Number": "745", "Vendor Name": "Sierra Nevada Corporation", "Module Name": "STS Secure for Windows CE", "Module Type": "Software", "Validation Date": "03/23/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp745.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/745", "detail_available": true, "module_name": "STS Secure for Windows CE", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Windows CE is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA) and the AES NDIS Filter Driver, that runs on a general purpose computer. It is the basis for Inter-4's TACTI-NET networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless and/or wired traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/744", "Certificate Number": "744", "Vendor Name": "Sierra Nevada Corporation", "Module Name": "STS Secure for Windows XP, Embedded XP", "Module Type": "Software", "Validation Date": "03/22/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp744.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/744", "detail_available": true, "module_name": "STS Secure for Windows XP, Embedded XP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The STS Secure for Windows XP, Embedded XP is a FIPS 140-2 Level 1 software module, comprised of the Security Manager Application Service (SMA), Key Generator Application, and the AES NDIS Filter Driver, that runs on a general purpose computer. It is the basis for Inter-4's TACTI-NET networking technology. The primary purpose for the STS Secure software module is to provide data security for all network wireless and/or wired traffic." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/743", "Certificate Number": "743", "Vendor Name": "Encryption Solutions, Inc.", "Module Name": "SkyLOCK™ Encryption Module", "Module Type": "Software", "Validation Date": "03/09/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp743.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/743", "detail_available": true, "module_name": "SkyLOCK™ Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SkyLOCK cryptographic module will be used by Encryption Solutions, Inc. to provide clients with a fast, efficient, and secure solution for protecting information, data and files. The SkyLOCK cryptographic module is the core of all products in the SkyLOCK family. With uses including data storage, file transfer, streaming, and email, SkyLOCK products cover a wide range of security applications and needs. These robust software products provide security in both wired and wireless environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/742", "Certificate Number": "742", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® FIPS Module for ADS 1.2", "Module Type": "Software", "Validation Date": "03/01/200707/20/200703/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp742.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/742", "detail_available": true, "module_name": "Security Builder® FIPS Module for ADS 1.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder® FIPS Module for ADS 1.2 is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/741", "Certificate Number": "741", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "Ultralock Symmetric Module", "Module Type": "Hardware", "Validation Date": "03/01/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp741.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/741", "detail_available": true, "module_name": "Ultralock Symmetric Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and using the nForce Ultra Asymmetric Module validated to FIPS 140-2 under Cert. #740 and nCipher MiniHSM validated to FIPS 140-2 under Cert. #672 when operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Ultralock Symmetric Module performs all the cryptography required for SSL/TLS applications. This module is a common element of the Britestream BN2010 SSL Security ASIC, the industry's first single-chip solution for completely off-loading SSL/TLS processing from host systems. The innovative in-line architecture combines TCP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/740", "Certificate Number": "740", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce Ultra Asymmetric Module", "Module Type": "Hardware", "Validation Date": "03/01/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp740.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/740", "detail_available": true, "module_name": "nForce Ultra Asymmetric Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nForce Ultra Asymmetric Module performs various tasks associated with cryptographic key management including key generation, key wrapping, secure key storage and secure key transport as well as key zeroization. These functions comply with requirements for archieving FIPS 140-2 certification of the overall system that the module is used in." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/739", "Certificate Number": "739", "Vendor Name": "SafeNet, Inc.", "Module Name": "ProtectServer Gold", "Module Type": "Hardware", "Validation Date": "03/01/200703/20/200704/26/200701/26/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp739.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/739", "detail_available": true, "module_name": "ProtectServer Gold", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet PSG Adapter is a high-end intelligent PCI adapter card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. Access to the PSG is provided via a comprehensive PKCS#11 API, allowing extremely flexible use of the module in a multitude of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/738", "Certificate Number": "738", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-030-2 Security Server Cryptographic Core", "Module Type": "Software", "Validation Date": "02/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp738.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/738", "detail_available": true, "module_name": "3e-030-2 Security Server Cryptographic Core", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The 3e-030-2 Security Server Cryptographic Core (Version 3.0) provides FIPS 140-2 validated cryptographic functionality for the 3eTI Security Server product, a RADIUS-like back-end Authentication Server, capable of dynamic key exchange, support of JITC DoD-signed certificates for PKI usage, and full 802.11i support. The 3e-030-2 provides the following FIPS-approved cryptographic algorithms: AES (ECB mode; 256-bit key size), SHA-1, HMAC-SHA1, RSA sign/verify, FIPS 186-2 (Appendix 3.1 and 3.2 3.3) PRNG. The 3e-030-2 also supports the following non-FIPS cryptographic algorithms: Diffie Hellman" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/737", "Certificate Number": "737", "Vendor Name": "TriCipher, Inc.", "Module Name": "TriCipher Armored Credential System (TACS)", "Module Type": "Hardware", "Validation Date": "02/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp737.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/737", "detail_available": true, "module_name": "TriCipher Armored Credential System (TACS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TriCipher Armored Credential System (TACS) provides a single platform that can issue and support a flexible range of credentials from a single infrastructure.", "algorithms": [ "DES", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/736", "Certificate Number": "736", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "JUNOS-FIPS-L2 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/06/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp736.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/736", "detail_available": true, "module_name": "JUNOS-FIPS-L2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The JUNOS-FIPS-L2 Cryptographic Module is a multi-chip standalone cryptographic module (for Juniper Networks T-Series and M-Series routers) that executes JUNOS-FIPS firmware. JUNOS-FIPS is a release of the JUNOS operating system, the first routing operating system designed specifically for the Internet. JUNOS is currently deployed in the largest and fastest-growing networks worldwide. A full suite of industrial-strength routing protocols, flexible policy language, and leading MPLS implementation efficiently scale to large numbers of network interfaces and routes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/735", "Certificate Number": "735", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® SONET/SDH v1.00", "Module Type": "Hardware", "Validation Date": "02/06/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp735.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/735", "detail_available": true, "module_name": "Datacryptor® SONET/SDH v1.00", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor« SONET/SDH v1.00 is a multi-chip standalone cryptographic module. It secures communications using signed Diffie-Hellman key exchange and AES-256 encryption over SONET/SDH networks. It provides data encryption and OC-3, OC-12 and OC-48 data rates. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/734", "Certificate Number": "734", "Vendor Name": "Thales Communications, Inc.", "Module Name": "Thales 25 Portable Radio", "Module Type": "Hardware", "Validation Date": "02/06/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp734.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/734", "detail_available": true, "module_name": "Thales 25 Portable Radio", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Thales 25 portable radio (T25) is a small, light, and rugged radio that meets the requirements of the Association of Public Safety Communications Officials (APCO) Project 25 Common Air Interface (CAI) Standard. The T25 supports Project (P25) digital voice and data encryption operation, as well as Motorola Key Variable Loader (KVL). It supports full multi-mode operation over a frequency range of 136 to 174 MHz and features high quality, error-corrected, digital voice and AES Encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/733", "Certificate Number": "733", "Vendor Name": "Open Source Software Institute", "Module Name": "OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "02/06/200711/30/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp733.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/733", "detail_available": true, "module_name": "OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files, including the specified OpenSSL distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation, protection, and initialization shall be completed as specified in Appendix C of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from http://www.openssl.org/source/", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/732", "Certificate Number": "732", "Vendor Name": "Hitachi, Ltd.", "Module Name": "Personal Identity Verification Application on Hitachi MULTOS Smart Chip", "Module Type": "Hardware", "Validation Date": "01/25/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp732.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/732", "detail_available": true, "module_name": "Personal Identity Verification Application on Hitachi MULTOS Smart Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HITACHI MULTOS Smart Chip is a single chip for smart cards with a dual interface (contact and contactless), which is compliant with MULTOS. The MULTOS OS is a high-security multi-application smart card operating system and Key Management Infrastructure which provides Card Issuers with the opportunity to define their own card programmes, delivering services with their own smart card applications or those of other third-party Application Providers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/731", "Certificate Number": "731", "Vendor Name": "Taua Biomatica S/A", "Module Name": "Zyt Cryptographic Module", "Module Type": "Hardware", "Validation Date": "01/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp731.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/731", "detail_available": true, "module_name": "Zyt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Taua Biomatica has developed an innovative product, the Zyt, created to offer the highest security level for Internet transactions. It was designed to digitally sign documents and transactions, integrating the most modern biometrical technologies, digital certification and cryptography. It is composed of a fingerprint sensor for the user's positive identification, a smart card reader for private key and digital certificate storage, a liquid crystal for transaction display, and a USB port for communication with the PC." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/730", "Certificate Number": "730", "Vendor Name": "Blue Ridge Networks", "Module Name": "BorderGuard X.509 VPN Client", "Module Type": "Software", "Validation Date": "01/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp730.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/730", "detail_available": true, "module_name": "BorderGuard X.509 VPN Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The BorderGuard VPN Client is a security enhanced VPN Client which is used for establishment of secure Virtual Private Network with a BorderGuard network security appliance and individual remote access users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/729", "Certificate Number": "729", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "Module Type": "Hardware", "Validation Date": "12/21/200608/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp729.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/729", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM) provide unparalleled security, mobility, redundancy, centralized control and scalability for large-scale Government and Enterprise wireless LAN networks and supports the IEEE 802.11i wireless security standard in conjunction with meeting the Wi-Fi Alliances interoperability specification WPA2 to enable a Secure Wireless Architecture. The module supports voice, video and data services, location & asset tracking, integrated intrusion detection & intrusion protection and intelligent radio.", "algorithms": [ "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/728", "Certificate Number": "728", "Vendor Name": "Extreme Networks", "Module Name": "Sentriant CE150", "Module Type": "Hardware", "Validation Date": "12/21/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp728.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/728", "detail_available": true, "module_name": "Sentriant CE150", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Sentriant CE150 is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, it has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/727", "Certificate Number": "727", "Vendor Name": "Ceragon Networks, Ltd.", "Module Name": "FibeAir®1500P™ Secure Basic Indoor Unit", "Module Type": "Hardware", "Validation Date": "12/21/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp727.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/727", "detail_available": true, "module_name": "FibeAir®1500P™ Secure Basic Indoor Unit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "High capacity broadband wireless system which provide FIPS compliant secure operation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/726", "Certificate Number": "726", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-523-F2 Secure Multi-function Wireless Data Point", "Module Type": "Hardware", "Validation Date": "12/18/200609/25/200701/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp726.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/726", "detail_available": true, "module_name": "3e-523-F2 Secure Multi-function Wireless Data Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e-523-F2 operates as either a gateway connecting a local area network to wide area network (WAN), an access point within a wireless local area network (WLAN), a client within a WLAN, or a wireless bridging device. 3eTI software provides the following major services in FIPS mode: Wireless 802.11a/b/g Access Point functionality; Wireless 802.11a/b/g Client functionality; Wireless 802.11a/b/g Bridge functionality; Wireless 802.11a/b/g Mesh functionality (auto-forming, self-healing wireless capability); IEEE 802.11i." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/725", "Certificate Number": "725", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "12/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp725.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/725", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/724", "Certificate Number": "724", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "12/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp724.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/724", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/723", "Certificate Number": "723", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Secure Generic Sub-System (SGSS), Version 3.3", "Module Type": "Hardware", "Validation Date": "12/18/200609/25/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp723.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/723", "detail_available": true, "module_name": "Secure Generic Sub-System (SGSS), Version 3.3", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure cryptographic resources to a number of products in the Thales e-Security portfolio. This includes the Datacryptor® 2000 family, WebSentry™ family, HSM 8000 family, P3™CM family, PaySentry™, 3D Security Module and SafeSign® Crypto Module. The SGSS contains a secure bootstrap and authenticates application loading using the Digital Signature Algorithm (DSA) and SHA-1 hashing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/722", "Certificate Number": "722", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VPN-1", "Module Type": "Firmware", "Validation Date": "12/08/200601/04/200705/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp722.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/722", "detail_available": true, "module_name": "VPN-1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point's VPN-1 version NGX (R60) with hot fix HFA-03 is a tightly integrated software solution combining the FireWall-1 (FW-1) security suite with sophisticated Virtual Private Network (VPN) technologies and a hardened Secure Platform operating system (OS). The cornerstone of Check Point's Secure Virtual Network (SVN) architecture, VPN-1 meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, branch offices, and business partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/721", "Certificate Number": "721", "Vendor Name": "Neopost Technologies", "Module Name": "N30i/N30ig - 135/136 Meter", "Module Type": "Hardware", "Validation Date": "12/08/200612/19/200609/12/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp721.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/721", "detail_available": true, "module_name": "N30i/N30ig - 135/136 Meter", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Cryptographic software module used in the N30i/N30ig - 135/136 Postage Meter." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/720", "Certificate Number": "720", "Vendor Name": "Sterling Commerce, Inc.", "Module Name": "Connect:Direct Secure+ Option", "Module Type": "Software-Hybrid", "Validation Date": "11/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp720.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/720", "detail_available": true, "module_name": "Connect:Direct Secure+ Option", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode using IBM eServer zSeries 900 CMOS Cryptographic Coprocessor validated to FIPS 140-1 under Cert. #118 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "Connect:Direct Secure+ Option provides server-based software file-transfer solutions for high-volume applications. Connect:Direct installations typically perform periodic, high-capacity file transfers between specific servers, often for financial services or federal government applications. This software supports multiple server platforms, including mainframe operating systems, UNIX platforms, and Windows servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/719", "Certificate Number": "719", "Vendor Name": "Sterling Commerce, Inc.", "Module Name": "Connect:Direct Secure+ Option", "Module Type": "Software", "Validation Date": "11/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp719.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/719", "detail_available": true, "module_name": "Connect:Direct Secure+ Option", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Connect:Direct Secure+ Option provides server-based software file-transfer solutions for high-volume applications. Connect:Direct installations typically perform periodic, high-capacity file transfers between specific servers, often for financial services or federal government applications. This software supports multiple server platforms, including mainframe operating systems, UNIX platforms, and Windows servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/718", "Certificate Number": "718", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Fortress Security Controller (FC-X)", "Module Type": "Hardware", "Validation Date": "11/15/200608/31/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp718.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/718", "detail_available": true, "module_name": "Fortress Security Controller (FC-X)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Fortress Security Controller (FC-X) is a high performance electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a custom built multiple processor hardware platform and deployable on any LAN or WAN, the Fortress Security Controller (FC-X) provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/717", "Certificate Number": "717", "Vendor Name": "High Density Devices AS", "Module Name": "SecureD v.1.6.1", "Module Type": "Hardware", "Validation Date": "11/15/200601/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp717.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/717", "detail_available": true, "module_name": "SecureD v.1.6.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SecureD is a hardware based encryption device that offers optimal, fully integrated, protection for stored data in IDE data bus based computer systems. SecureD operates fully transparent at the speed of ATA-6 AT API. SecureD is using AES 128/192/256 bits encryption/decryption, and is 100% operating system independent. No SW is installed. Ideal for encryption of disks in Desktop environment, Laptop, and USB/Firewire connected disks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/716", "Certificate Number": "716", "Vendor Name": "D'Crypt Private Limited", "Module Name": "d'Cryptor ZE Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/06/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp716.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/716", "detail_available": true, "module_name": "d'Cryptor ZE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The d'Cryptor ZE Cryptographic Module is a micro-token targeted at high security embedded applications. Central to the next generation of d'Cryptor products where it serves as a secure coprocessor, the ZE provides cryptographic/key management services, secure key storage and supports interfaces such as UARTs, SSP, infrared, contact/contactless Smartcard and GPIOs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/715", "Certificate Number": "715", "Vendor Name": "RELM Wireless Corporation", "Module Name": "FIPSCOM Cryptographic Module", "Module Type": "Hardware", "Validation Date": "11/06/200604/26/200712/18/200706/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp715.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/715", "detail_available": true, "module_name": "FIPSCOM Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FIPSCOM is an embedded cryptographic module that provides encryption functions for secure digital communications products. The FIPSCOM can be incorporated into any BK Radio brand subscriber equipment requiring FIPS 140-2, Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/714", "Certificate Number": "714", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-J JCE Provider Module", "Module Type": "Software", "Validation Date": "11/02/200612/18/200610/12/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp714.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/714", "detail_available": true, "module_name": "RSA BSAFE Crypto-J JCE Provider Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/713", "Certificate Number": "713", "Vendor Name": "Sagem Orga", "Module Name": "J-IDMark 64", "Module Type": "Hardware", "Validation Date": "11/02/200601/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp713.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/713", "detail_available": true, "module_name": "J-IDMark 64", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The J-IDMark 64 is a single chip cryptographic module, compliant with Global Platform 2.0.1 and Sun Java Card TM 2.1.1. It runs a proprietary Applet, ID v1, which includes the following features: - A PKI-based digital signature for secure transactions and digital certificate management. - Secure storage of data and identification management rights (driving licenses, health care entitlement, car certificate, etc.). - A Match On Card mechanism which performs fingerprint verification. The J-IDMark 64 module meets the requirements to the Level 4 of FIPS 140-2 for physical security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/712", "Certificate Number": "712", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "10/27/200607/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp712.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/712", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/711", "Certificate Number": "711", "Vendor Name": "JVC KENWOOD Corporation", "Module Name": "Secure Cryptographic Module (SCM)", "Module Type": "Hardware", "Validation Date": "10/16/200612/07/201101/31/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp711.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/711", "detail_available": true, "module_name": "Secure Cryptographic Module (SCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Cryptographic Module (SCM) meets overall FIPS 140-2 Level 1 requirements providing KENWOOD radios secure and encrypted digital communication. The SCM supports 256 bit key AES encryption as well as DES (non-compliant) encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/710", "Certificate Number": "710", "Vendor Name": "Ecutel Systems, Inc.", "Module Name": "Ecutel Cryptographic Service Module", "Module Type": "Software", "Validation Date": "10/16/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp710.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/710", "detail_available": true, "module_name": "Ecutel Cryptographic Service Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Ecurtel Cryptographic Service Module (ECSM) is a cryptographic library that offers cryptographic functionalities to Ecutel products only. It is installed on a machine as a constituent of host application." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/709", "Certificate Number": "709", "Vendor Name": "Phoenix Technologies, Ltd.", "Module Name": "TrustConnector 2 v2.0 with StrongClient v4.0 and StrongROM v3.1", "Module Type": "Software-Hybrid", "Validation Date": "10/17/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp709.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/709", "detail_available": true, "module_name": "TrustConnector 2 v2.0 with StrongClient v4.0 and StrongROM v3.1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-1 under Cert. #238 operating in FIPS mode", "module_type": "Software-Hybrid", "embodiment": "Multi-chip standalone", "description": "The Phoenix Technologies \"TrustConnector 2\" product is a FIPS 140-2 Level 1 compliant module that implements a standard Cryptographic Service Provider (CSP) for Microsoft CryptoAPI. Phoenix TrustConnector enables built-in device authentication and transparently enhances the way Windows protects identity credentials associated with digital certificates and binds the credentials to the platform to which they are issued." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/708", "Certificate Number": "708", "Vendor Name": "Phoenix Technologies, Ltd.", "Module Name": "TrustConnector 2 v2.0 with StrongClient v4.0", "Module Type": "Software", "Validation Date": "10/11/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp708.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/708", "detail_available": true, "module_name": "TrustConnector 2 v2.0 with StrongClient v4.0", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-1 under Cert. #238 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Phoenix Technologies \"TrustConnector 2\" product is a FIPS 140-2 Level 1 compliant module that implements a standard Cryptographic Service Provider (CSP) for Microsoft CryptoAPI. Phoenix TrustConnector enables built-in device authentication and transparently enhances the way Windows protects identity credentials associated with digital certificates and binds the credentials to the platform to which they are issued." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/707", "Certificate Number": "707", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 871, 876, 877 and 878 Integrated Services Routers", "Module Type": "Hardware", "Validation Date": "10/11/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp707.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/707", "detail_available": true, "module_name": "Cisco 871, 876, 877 and 878 Integrated Services Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco 870 Series fixed-configuration integrated services routers support multiple types of DSL technologies, broadband cable, and Metro Ethernet connections in small offices. They run concurrent services, including firewall, intrusion prevention, and encryption for VPNs; optional 802.11b/g for WLAN networking; and quality of service (QoS) features for optimizing voice and video applications. These routers also offer Stateful Inspection Firewall, IP security (IPSec) VPNs, intrusion prevention system (IPS), antivirus support, and secure WLAN 802.11b/g option with use of multiple antennas." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/706", "Certificate Number": "706", "Vendor Name": "Britestream Networks, Inc.", "Module Name": "Britestream nCipher Asymmetric Module", "Module Type": "Hardware", "Validation Date": "09/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp706.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/706", "detail_available": true, "module_name": "Britestream nCipher Asymmetric Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Britestream nCipher Asymmetric Module performs various tasks associated with cryptographic key management including key generation, key wrapping, secure key storage and secure key transport as well as key zeroization. These functions comply with requirements for achieving FIPS 140-2 certification of the overall system that the module is used in." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/705", "Certificate Number": "705", "Vendor Name": "SETECS Inc. and Gemalto", "Module Name": "SETECS Inc. OneCARD™ PIV-II Java Card Applet on Gemalto GemCombi'Xpresso R4 E72K PK card", "Module Type": "Hardware", "Validation Date": "09/20/200602/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp705.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/705", "detail_available": true, "module_name": "SETECS Inc. OneCARD™ PIV-II Java Card Applet on Gemalto GemCombi'Xpresso R4 E72K PK card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "SETECS OneCARD™ is the smart card created as the combination of SETECS OneCARD™ PIV-II Java Card Applet and Gemalto GemCombi'Xpresso R4 E72K PK card. SETECS OneCARD™ Card (PIV Card) is the full implementation of the FIPS 201 card application (PIV applet) with all required access rules and protocols. The PIV Card contains all mandatory and optional data objects, as specified in the NIST Special Publication 800-73-1. The GCX4 is based on a Java platform with 72K EEPROM memory. The module provides dual interfaces (i.e. contact and contactless) where the same security level is achieved." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/704", "Certificate Number": "704", "Vendor Name": "Utimaco® Safeware AG", "Module Name": "SafeGuard Easy", "Module Type": "Software", "Validation Date": "09/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp704.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/704", "detail_available": true, "module_name": "SafeGuard Easy", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SafeGuard Easy (SGE) is a software product designed to protect user data on all types of Personal Computers (PCs) running Microsoft Windows 2000 or Microsoft Windows XP as operating system. SafeGuard Easy is installed on a PC to prevent unauthorised access to user data stored on hard disk partitions. In this context, user data means all files on hard disk partitions, i.e. data files, program files and even files of the operating system. The protection of the user data stored on hard disk partitions is realised by encryption. Encryption is done on sector level - not on file level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/703", "Certificate Number": "703", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X-2 Postal Security Device", "Module Type": "Hardware", "Validation Date": "09/05/200604/26/200705/14/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp703.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/703", "detail_available": true, "module_name": "Cygnus X-2 Postal Security Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Cygnus X-2 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The PSD employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/702", "Certificate Number": "702", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1801, 1802, 1803, 1811 and 1812 Integrated Services Routers Fixed Configuration Models", "Module Type": "Hardware", "Validation Date": "09/05/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp702.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/702", "detail_available": true, "module_name": "Cisco 1801, 1802, 1803, 1811 and 1812 Integrated Services Routers Fixed Configuration Models", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco 1800 Series fixed-configuration integrated services routers enable a network infrastructure for SMBs and enterprise small branch offices. They enable deployment of a single device to provide multiple services, including integrated router with redundant link, LAN switch, firewall, VPN, IPS, wireless technology, and quality of service (QoS). The Cisco IOS Software Advanced IP Services feature set facilitates hardware-based IPSec encryption and features such as Cisco IOS Firewall, URL Filtering, IPS support, IPSec VPNs, Dynamic Multipoint VPN (DMVPN), anti-virus support, SSH 2.0, and SNM" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/701", "Certificate Number": "701", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet AP1131AG, AP1232AG, and AP1242AG Wireless Access Points and BR1310G Wireless Bridge", "Module Type": "Hardware", "Validation Date": "08/23/200612/19/200602/27/200708/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp701.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/701", "detail_available": true, "module_name": "Cisco Aironet AP1131AG, AP1232AG, and AP1242AG Wireless Access Points and BR1310G Wireless Bridge", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Aironet 1131AG, 1242AG, 1232AG, and 1310G access points deliver the versatility, high capacity, security, and enterprise-class features required for autonomous based Government deployments. In FIPS 140-2 mode of operation, the Cisco APs support the IEEE 802.11i standard and Advanced Encryption Standard (AES). The Cisco APs are Wi-FI CERTIFIED for IEEE 802.11a, IEEE 802.11b and IEEE 802.11g radio standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/700", "Certificate Number": "700", "Vendor Name": "Blue Ridge Networks", "Module Name": "BorderGuard 5000 and 6000 Series", "Module Type": "Hardware", "Validation Date": "08/22/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp700.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/700", "detail_available": true, "module_name": "BorderGuard 5000 and 6000 Series", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BorderGuard hardware models 5100, 5200, 5400, 5500, 5600, 6100, 6200, 6400, 6500, and 6600 version DPF 7.3 firmware are standalone hardware security appliances (routers) used to secure Internet traffic. The module is a multi-chip-standalone device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/699", "Certificate Number": "699", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine", "Module Type": "Software", "Validation Date": "08/14/200607/02/200707/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp699.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/699", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureDoc® Cryptographic Engine is the heart of all SecureDoc® products. It provides all cryptographic services as well as the services required for key management and to maintain the user key files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/698", "Certificate Number": "698", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Disk Encryption Cryptographic Engine", "Module Type": "Software", "Validation Date": "08/14/200607/02/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp698.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/698", "detail_available": true, "module_name": "SecureDoc® Disk Encryption Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SecureDoc® Cryptographic Engine is the heart of all SecureDoc® products. It provides all cryptographic services as well as the services required for key management and to maintain the user key files." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/697", "Certificate Number": "697", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "SafeWord SecureWire 2500 Identity and Access Management Appliance", "Module Type": "Hardware", "Validation Date": "08/10/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp697.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/697", "detail_available": true, "module_name": "SafeWord SecureWire 2500 Identity and Access Management Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SafeWord® SecureWire™ is a powerful identity and access management (IAM) appliance that provides lightning fast, ultra-secure access to every application and data resource in your network -- for all remote AND internal connections. SecureWire is ideal for Microsoft environments, plugging right into Active Directory, and it provides complete endpoint device security, a single point for policy enforcement and reporting, and comes standard with SafeWord strong authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/696", "Certificate Number": "696", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "SafeWord SecureWire 500 Identity and Access Management Appliance", "Module Type": "Hardware", "Validation Date": "08/10/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp696.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/696", "detail_available": true, "module_name": "SafeWord SecureWire 500 Identity and Access Management Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SafeWord® SecureWire™ is a powerful identity and access management (IAM) appliance that provides lightning fast, ultra-secure access to every application and data resource in your network -- for all remote AND internal connections. SecureWire is ideal for Microsoft environments, plugging right into Active Directory, and it provides complete endpoint device security, a single point for policy enforcement and reporting, and comes standard with SafeWord strong authentication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/695", "Certificate Number": "695", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Aironet LWAPP AP1131AG, Cisco Aironet LWAPP AP1231G, Cisco Aironet LWAPP AP1232AG, and Cisco Aironet LWAPP AP1242AG Wireless Access Points", "Module Type": "Hardware", "Validation Date": "08/04/200606/11/200708/07/200708/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp695.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/695", "detail_available": true, "module_name": "Cisco Aironet LWAPP AP1131AG, Cisco Aironet LWAPP AP1231G, Cisco Aironet LWAPP AP1232AG, and Cisco Aironet LWAPP AP1242AG Wireless Access Points", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco LWAPP Aironet 1131, 1232, 1231, and 1242 access points deliver the versatility, high capacity, security, and enterprise-class features required for small, medium and large Government deployments. In FIPS 140-2 mode of operation, the Cisco APs support the IEEE 802.11i and IEEE 802.1x standards and Advanced Encryption Standard (AES) for WPA2 encryption. WPA2 is the Wi-Fi Alliance certification for interoperable, standards-based WLAN security. The Cisco APs are also Wi-FI CERTIFIED for IEEE 802.11a, IEEE 802.11b and IEEE 802.11g radio standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/694", "Certificate Number": "694", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-523 and 3e-523-F1 WLAN Products", "Module Type": "Hardware", "Validation Date": "07/21/200608/01/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp694.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/694", "detail_available": true, "module_name": "3e-523 and 3e-523-F1 WLAN Products", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e-523 and 3e-523-F1 WLAN products provide wired connections for Ethernet and Serial devices. This connection can be over an Ethernet 10/100 baseT RJ-45 and/or via RS-232/422/485 interface. The 3e-523 and 3e-523-F1 wireless connection can be configured to use IEEE 802.11a/b/g with Layer 2 AES or TDES encryption. The wireless connectivity is a wireless bridging function to, for example, another 523, a 3e-525A-3 Wireless Access Point, or similar device. The 3e-523 and 3e-523-F1 are ideal for connecting RFID readers, sensors, and other data devices (printers, terminals, etc.) into a secur" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/693", "Certificate Number": "693", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 4402 and 4404 Wireless LAN Controllers", "Module Type": "Hardware", "Validation Date": "07/20/200610/10/200608/22/201102/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp693.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/693", "detail_available": true, "module_name": "Cisco 4402 and 4404 Wireless LAN Controllers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 4400 Series Wireless LAN Controllers provide centralized control and scalability for medium to large-scale Government and Enterprise wireless LAN networks and support the IEEE 802.11i wireless security standard while meeting the Wi-Fi Alliances interoperability specification WPA2 for Secure Wireless Architecture. The Cisco WLAN Controllers support voice, video and data services, intrusion detection, intrusion protection and intelligent radio resource management and comply with the wireless security policies issued by the U.S. Federal Government and the Department of Defense (DoD)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/692", "Certificate Number": "692", "Vendor Name": "Federal Reserve Bank of Boston", "Module Name": "FRBB ePurse v2 on ActivCard Applet v2 on Cyberflex Access 64k v1", "Module Type": "Hardware", "Validation Date": "07/20/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp692.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/692", "detail_available": true, "module_name": "FRBB ePurse v2 on ActivCard Applet v2 on Cyberflex Access 64k v1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ePurse is a secure payment module which enables a Common Access Card to be used as a payment mechanism at designated locations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/691", "Certificate Number": "691", "Vendor Name": "Gemalto", "Module Name": "Protiva PIV Applet v1.55 on Protiva TOP DM Card", "Module Type": "Hardware", "Validation Date": "07/20/200612/19/200608/29/200712/20/200707/28/200802/24/201106/09/201102/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp691.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/691", "detail_available": true, "module_name": "Protiva PIV Applet v1.55 on Protiva TOP DM Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Java platform (GemCombiXpresso R4 E72 PK ) with 72K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. The module has on board the following FIPS approved security functions used specifically by the SafesITe FIPS201 applet :P-RNG, Triple DES, SHA-1, RSA algorithms up to 2048 bits key length, and X9.31 RSA On Board Key generation up to 2048 bits long. The module conforms to Java Card 2.1.1, Global Platform 2.1.1, NITS SP-800-73-1, and is very well suited for US Government and Federal projects where FIPS-201, PIV-II compliance is required." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/690", "Certificate Number": "690", "Vendor Name": "", "Module Name": "", "Module Type": "Hardware", "Validation Date": "07/19/200608/30/200602/17/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp690.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/690", "detail_available": true, "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "module_type": "Hardware", "embodiment": "Single-chip" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/689", "Certificate Number": "689", "Vendor Name": "Neopost Technologies", "Module Name": "C95i Secure Metering Module (SMM)", "Module Type": "Hardware", "Validation Date": "07/14/200610/03/200604/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp689.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/689", "detail_available": true, "module_name": "C95i Secure Metering Module (SMM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IJ40/50/60 are Neopost mid range of Franking products that incorporate a secure metering module for producing a highly secure franking impressions to meet CPC requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/688", "Certificate Number": "688", "Vendor Name": "DigitalGlobe Inc.", "Module Name": "WorldView Wideband Transmitter FPGA", "Module Type": "Hardware", "Validation Date": "07/13/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp688.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/688", "detail_available": true, "module_name": "WorldView Wideband Transmitter FPGA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "Bypass capability excluded from FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The WorldView Wideband Tramsmitter FPGA provides AES encryption services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/687", "Certificate Number": "687", "Vendor Name": "TecSec Incorporated", "Module Name": "CKM® Cryptographic Module", "Module Type": "Software", "Validation Date": "07/13/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp687.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/687", "detail_available": true, "module_name": "CKM® Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "TecSec® IncorporatedÆs Constructive Key Management« (CKM®) Cryptographic Module (CKMCRYPTO_FIPS.DLL) (Software version 2.0.0.11) is a FIPS 140-2 Level 1 compliant, general purpose, software based cryptographic module running upon the Microsoft« Windows« Operating System (in single user mode)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/686", "Certificate Number": "686", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Encryptor, Model 600", "Module Type": "Hardware", "Validation Date": "07/11/200604/09/200704/26/200712/07/200703/07/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp686.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/686", "detail_available": true, "module_name": "SafeEnterprise™ Encryptor, Model 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterprise™ Encryptor, Model 600 provides data privacy and access control for connections between vulnerable public and private networks. It employs FIPS approved AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in 155Mbps (OC-3), 622Mbps (OC-12), 1.0Gbps, and 2.4Gbps (OC-48) networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/685", "Certificate Number": "685", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna®PCI Cryptographic Module V2", "Module Type": "Hardware", "Validation Date": "06/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp685.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/685", "detail_available": true, "module_name": "Luna®PCI Cryptographic Module V2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-1200 is a high assurance cryptographic accelerator PCI card contained in a secure enclosure that provides physical resistance to tampering and zeroization of plaintext keys in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card. The Luna PCI-1200 provides over 1200 asymmetric 1024-bit RSA signing operations per second and is ideally suited to high-volume digital signing, encryption, and key generation applications.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/684", "Certificate Number": "684", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® PCI Cryptographic Module V2", "Module Type": "Hardware", "Validation Date": "06/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp684.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/684", "detail_available": true, "module_name": "Luna® PCI Cryptographic Module V2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Luna PCI-1200 is a high assurance cryptographic accelerator PCI card contained in a secure enclosure that provides physical resistance to tampering and zeroization of plaintext keys in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card. The Luna PCI-1200 provides over 1200 asymmetric 1024-bit RSA signing operations per second and is ideally suited to high-volume digital signing, encryption, and key generation applications.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/683", "Certificate Number": "683", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nToken", "Module Type": "Hardware", "Validation Date": "06/26/200606/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp683.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/683", "detail_available": true, "module_name": "nToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/682", "Certificate Number": "682", "Vendor Name": "Kanguru Solutions", "Module Name": "KanguruLock", "Module Type": "Software", "Validation Date": "06/26/200604/26/200704/30/200706/21/200702/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp682.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/682", "detail_available": true, "module_name": "KanguruLock", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Kanguru Solutions is the leader in portable secure storage devices. KanguruLock, featured in the KanguruMicro Drive AES USB 2.0 Flash Drive, addresses security concerns and information assurance by incorporating 256-bit AES encryption technology to portable storage devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/681", "Certificate Number": "681", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, and nCipher 800 PCI", "Module Type": "Hardware", "Validation Date": "06/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp681.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/681", "detail_available": true, "module_name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, and nCipher 800 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nCipher 800 PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/680", "Certificate Number": "680", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 800 PCI, nCipher 1600 PCI, and nCipher 1600 PCI for NetHSM", "Module Type": "Hardware", "Validation Date": "06/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp680.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/680", "detail_available": true, "module_name": "nCipher 800 PCI, nCipher 1600 PCI, and nCipher 1600 PCI for NetHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/679", "Certificate Number": "679", "Vendor Name": "SPYRUS, Inc.", "Module Name": "LYNKS Series II", "Module Type": "Hardware", "Validation Date": "06/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp679.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/679", "detail_available": true, "module_name": "LYNKS Series II", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The LYNKS Series II Hardware Security Module (HSM) supports the new \"Suite B\" algorithms, including elliptic curve cryptography with ECDSA signatures, AES, and the \"SHA-2\" algorithms. Available with either PCMCIA or USB interfaces." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/678", "Certificate Number": "678", "Vendor Name": "MRV Communications", "Module Name": "LX-8020S and LX-8040S Series Console Servers", "Module Type": "Hardware", "Validation Date": "06/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp678.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/678", "detail_available": true, "module_name": "LX-8020S and LX-8040S Series Console Servers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The LX-8000S 20 and 40 port Dual AC and DC units with an optional internal modem add high-end NEBS console management to MRV's LX Series Console Servers. The Linux based system is tuned for optimal performance, security and reliability. The LX-8000S models are designed for telco and data center applications that demand high quality and reliability standards, dual power and NEBS Level-3 Certification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/677", "Certificate Number": "677", "Vendor Name": "Gemalto", "Module Name": "SafesITe TOP DM GX4 - FIPS with ActivIdentity Digital Identity Applet Suite v2", "Module Type": "Hardware", "Validation Date": "06/12/200612/19/200603/01/200707/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp677.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/677", "detail_available": true, "module_name": "SafesITe TOP DM GX4 - FIPS with ActivIdentity Digital Identity Applet Suite v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Gemalto Dual Interface (Contact ISO7816 and Contactless ISO14443) Open OS Smart Card with a large (72K EEPROM) memory, with a cryptographic applet suite V 2.6.1 developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container and PKI . The module conforms to Java Card 2.2.1, Global Platform 2.1.1 and GSC/IS 2.1 standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/676", "Certificate Number": "676", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With VPN Services Module", "Module Type": "Hardware", "Validation Date": "05/22/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp676.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/676", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With VPN Services Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers with the VPN Services Module offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/675", "Certificate Number": "675", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite", "Module Type": "Hardware", "Validation Date": "05/22/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp675.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/675", "detail_available": true, "module_name": "nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/674", "Certificate Number": "674", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite", "Module Type": "Hardware", "Validation Date": "05/22/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp674.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/674", "detail_available": true, "module_name": "nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/673", "Certificate Number": "673", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206VXR NPE-G1and 7301 with VAM2+", "Module Type": "Hardware", "Validation Date": "05/15/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp673.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/673", "detail_available": true, "module_name": "7206VXR NPE-G1and 7301 with VAM2+", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/672", "Certificate Number": "672", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "MiniHSM", "Module Type": "Hardware", "Validation Date": "05/11/200608/29/200606/24/200804/05/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp672.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/672", "detail_available": true, "module_name": "MiniHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher MiniHSM is a fully featured HSM supplied in a single chip package. The MiniHSM offers all the security and key management features of other nCipher modules - but with reduced processing speed. The MiniHSM is an OEM part and will be included within other appliances or products, for example switches or routers. The MiniHSM's real time clock, also makes it suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/671", "Certificate Number": "671", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "MiniHSM", "Module Type": "Hardware", "Validation Date": "05/11/200608/29/200606/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp671.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/671", "detail_available": true, "module_name": "MiniHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher MiniHSM is a fully featured HSM supplied in a single chip package. The MiniHSM offers all the security and key management features of other nCipher modules - but with reduced processing speed. The MiniHSM is an OEM part and will be included within other appliances or products, for example switches or routers. The MiniHSM's real time clock, also makes it suitable for use as a time-stamping engine." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/670", "Certificate Number": "670", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 4000 [1], nShield 2000 [2], nShield 2000 for netHSM [3], nShield 800 [4], nShield 500 [5], nShield 500 for netHSM [6] and nShield Plus [7]", "Module Type": "Hardware", "Validation Date": "05/11/200606/14/200612/20/200604/29/200806/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp670.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/670", "detail_available": true, "module_name": "nShield 4000 [1], nShield 2000 [2], nShield 2000 for netHSM [3], nShield 800 [4], nShield 500 [5], nShield 500 for netHSM [6] and nShield Plus [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/669", "Certificate Number": "669", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 4000 [1], nShield 2000 [2], nShield 2000 for netHSM [3], nShield 800 [4], nShield 500 [5], nShield 500 for netHSM [6] and nShield Plus [7]", "Module Type": "Hardware", "Validation Date": "05/11/200606/14/200612/20/200606/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp669.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/669", "detail_available": true, "module_name": "nShield 4000 [1], nShield 2000 [2], nShield 2000 for netHSM [3], nShield 800 [4], nShield 500 [5], nShield 500 for netHSM [6] and nShield Plus [7]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/668", "Certificate Number": "668", "Vendor Name": "Oberthur Card Systems", "Module Name": "Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D", "Module Type": "Hardware", "Validation Date": "05/02/200607/27/200702/06/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp668.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/668", "detail_available": true, "module_name": "Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The PIV EP v1 is a fully validated PIV-II « End Point » smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/667", "Certificate Number": "667", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal Revenector Canada", "Module Type": "Hardware", "Validation Date": "05/02/200606/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp667.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/667", "detail_available": true, "module_name": "Postal Revenector Canada", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Postal Revenector Canada is an embedded hardware module which provides security critical services for postage meters in the Canadian market. It is used to support new secure methods of applying postage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/666", "Certificate Number": "666", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Revenector", "Module Type": "Hardware", "Validation Date": "05/02/200605/30/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp666.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/666", "detail_available": true, "module_name": "Revenector", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Revenector is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of Revenector is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/665", "Certificate Number": "665", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal Revenector", "Module Type": "Hardware", "Validation Date": "05/02/200601/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp665.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/665", "detail_available": true, "module_name": "Postal Revenector", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal Revenector has been designed in compliance with the United States Postal Services (USPS), Information-Based Indicia Program (IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/664", "Certificate Number": "664", "Vendor Name": "Zix Corporation", "Module Name": "ZixCorp Crypto Module", "Module Type": "Software", "Validation Date": "04/26/200606/04/200907/08/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp664.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/664", "detail_available": true, "module_name": "ZixCorp Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ZixCorp Crypto Module provides email encryption using a FIPS 140-2 level 1 validated cryptographic module. As part of the Zix Email Encryption Service, the ZixCorp Crypto Module provides highly secure email communication between Zix customers and their business partners. The approved cryptographic algorithms included in the module are: AES, Triple- DES, RSA, SHA-1, HMAC SHA-1 and FIPS 186-2 Appendix 3.1 RNG." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/663", "Certificate Number": "663", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-010F-A-2 Cryptomodule and 3e-010F-C-2 Cryptomodule", "Module Type": "Software", "Validation Date": "04/26/200608/01/200608/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp663.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/663", "detail_available": true, "module_name": "3e-010F-A-2 Cryptomodule and 3e-010F-C-2 Cryptomodule", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The 3e-010F-A-2 and 3e-010F-C-2 Crypto Clients provide standard 802.11a/b/g wireless access along with enhanced protection through a variety of cryptographic features, providing a high level of security for wireless environments. In FIPS 140-2 mode (highly secure), encryption can be set for None, Static AES, Static 3DES, Dynamic Key Exchange and WPA2 Enterprise and Personal (AES-CCM). In non-FIPS mode, one can select None, Static AES, Static 3DES, Dynamic Key Exchange, Static WEP, WPA-Enterprise and Personal (TKIP or AES-CCM) and WPA2-Enterprise and Personal (TKIP or AES-CCM)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/662", "Certificate Number": "662", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress ® AF1100 Wireless Cryptographic Module", "Module Type": "Hardware", "Validation Date": "04/26/200603/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp662.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/662", "detail_available": true, "module_name": "AirFortress ® AF1100 Wireless Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress® AF1100 Wireless Cryptographic Module is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware and deployable on any LAN or WAN, the AirFortress® AF1100 Wireless Cryptographic Module provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/661", "Certificate Number": "661", "Vendor Name": "IBM® Corporation", "Module Name": "IBM eServer Cryptographic Coprocessor Security Module", "Module Type": "Hardware", "Validation Date": "04/26/200606/14/200604/30/200709/25/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp661.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/661", "detail_available": true, "module_name": "IBM eServer Cryptographic Coprocessor Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IBM eServer Cryptographic Coprocessor Security Module, is a tamperresponding, programmable, cryptographic PCIX card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is designed as a feature in IBM eServer zSeries and iSeries servers; and for use in IBM eServer xSeries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/660", "Certificate Number": "660", "Vendor Name": "Authenex, Inc.", "Module Name": "Authenex A-Key", "Module Type": "Hardware", "Validation Date": "04/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp660.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/660", "detail_available": true, "module_name": "Authenex A-Key", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Authenex A-Key provides two factor strong authentication for the mobile user, with an embedded suite of applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/659", "Certificate Number": "659", "Vendor Name": "Neopost Technologies", "Module Name": "C20ND-C21ND Secure Metering Module", "Module Type": "Hardware", "Validation Date": "04/26/200610/03/200612/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp659.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/659", "detail_available": true, "module_name": "C20ND-C21ND Secure Metering Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The C20ND module is a postage meter supporting accounting and cryptographic functions including the generation of 2D barcodes with ECDSA signatures for secure electronic transactions. Associated with a document transport system and an inkjet print-head, the module is capable of processing up to 250 envelopes per minute." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/658", "Certificate Number": "658", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers \nWith IPSec VPN SPA", "Module Type": "Hardware", "Validation Date": "04/20/200605/16/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp658.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/658", "detail_available": true, "module_name": "Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With IPSec VPN SPA", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers with the IPSec VPN SPA offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/657", "Certificate Number": "657", "Vendor Name": "Tutarus Corporation", "Module Name": "TRAKRON", "Module Type": "Software", "Validation Date": "04/13/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp657.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/657", "detail_available": true, "module_name": "TRAKRON", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The TRAKRON module is a software module packaged as a Dynamic-link Library (DLL) on Windows. The library can be used on Microsoft Windows NT, 2000, and XP operating systems. The TRAKRON module provides high-level encryption for Tutarusªs security products.", "algorithms": [ "AES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/656", "Certificate Number": "656", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "PIX 515 and PIX 515E", "Module Type": "Hardware", "Validation Date": "04/14/200603/20/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp656.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/656", "detail_available": true, "module_name": "PIX 515 and PIX 515E", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco PIX and ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-todeploy solutions. Cisco PIX Security Appliances and ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/655", "Certificate Number": "655", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "ASA 5510, ASA 5520 and ASA 5540", "Module Type": "Hardware", "Validation Date": "04/14/200605/28/201002/23/201201/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp655.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/655", "detail_available": true, "module_name": "ASA 5510, ASA 5520 and ASA 5540", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/654", "Certificate Number": "654", "Vendor Name": "Tutarus Corporation", "Module Name": "SRKCRYPTO", "Module Type": "Software", "Validation Date": "04/06/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp654.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/654", "detail_available": true, "module_name": "SRKCRYPTO", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SRKCRYPTO is a digital data encryption library that provides encryption services for Tutarus products. SRKCRYPTO is a unique encryption engine in that it generates a new random key each time data needs to be encrypted. This provides a higher level of security required for the most sensitive data protection.", "algorithms": [ "AES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/653", "Certificate Number": "653", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics SG100 and CipherOptics SG1002", "Module Type": "Hardware", "Validation Date": "04/06/200608/16/200606/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp653.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/653", "detail_available": true, "module_name": "CipherOptics SG100 and CipherOptics SG1002", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics SG100 and SG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/652", "Certificate Number": "652", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 500 [1], nShield 500 for netHSM [2] and nShield Lite [3]", "Module Type": "Hardware", "Validation Date": "04/06/200606/29/200612/20/200606/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp652.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/652", "detail_available": true, "module_name": "nShield 500 [1], nShield 500 for netHSM [2] and nShield Lite [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield 500 & nShield Lite family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/651", "Certificate Number": "651", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 500 [1], nShield 500 for netHSM [2] and nShield Lite [3]", "Module Type": "Hardware", "Validation Date": "04/06/200606/29/200612/20/200606/24/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp651.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/651", "detail_available": true, "module_name": "nShield 500 [1], nShield 500 for netHSM [2] and nShield Lite [3]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nShield 500 & nShield Lite family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/650", "Certificate Number": "650", "Vendor Name": "Ian Donnelly Systems, Inc.", "Module Name": "KEY-UP", "Module Type": "Hardware", "Validation Date": "04/03/200605/18/200905/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp650.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/650", "detail_available": true, "module_name": "KEY-UP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "KEY-UP V5.0 security encryption devices for electronic funds transfer applications utilize the latest security specifications mandated by the American National Standard Institute (ANSI) while offering significant performance improvements and lower cost per transaction." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/649", "Certificate Number": "649", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 800, 5000 and 6000™ Mobility Controller with ArubaOS FIPS Software", "Module Type": "Hardware", "Validation Date": "04/03/200608/10/200603/01/200704/30/200706/21/200708/31/200710/12/200710/22/200704/04/200805/09/200803/14/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp649.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/649", "detail_available": true, "module_name": "Aruba 800, 5000 and 6000™ Mobility Controller with ArubaOS FIPS Software", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Networks' Mobility Controller system completely changes how 802.11 networks are deployed, secured, and managed. The only mobile security system with an integrated ICSA-certified stateful firewall and hardware-based encryption, the Aruba mobility controller is the industry's highest performing and most scalable enterprise mobility platform on the market today. Aruba offers the industry's only modular and stackable mobility controllers from every enterprise environment. Now, administrators are freed from the costly and time-consuming process of managing individual APs. And as security standards change and new mobile services emerge, they are easily implemented at the controller and propagated throughout the enterprise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/648", "Certificate Number": "648", "Vendor Name": "3Com Corporation", "Module Name": "3Com Embedded Firewall PCI Cards", "Module Type": "Hardware", "Validation Date": "04/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp648.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/648", "detail_available": true, "module_name": "3Com Embedded Firewall PCI Cards", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Offers hardware embedded encryption and authentication and Fast Ethernet Connectivity for fiber and copper cabled lan." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/647", "Certificate Number": "647", "Vendor Name": "Gemalto", "Module Name": "ActivIdentity Digital Identity Applet Suite V2 on Gemalto SafesITe TOP IM CY2 (aka Cyberflex Access 64K V2)", "Module Type": "Hardware", "Validation Date": "04/03/200605/26/200608/29/200607/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp647.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/647", "detail_available": true, "module_name": "ActivIdentity Digital Identity Applet Suite V2 on Gemalto SafesITe TOP IM CY2 (aka Cyberflex Access 64K V2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This product can be configured to use with suite V2.3.0c for GSC-IS v2.1 support, and with suite V2.6.1 for both GSC-IS v2.1 support and SP800-73 Transitional Card Edge support (for HSPD12/PIV)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/646", "Certificate Number": "646", "Vendor Name": "PostX Corporation", "Module Name": "PostX FIPS Cryptography Kernel", "Module Type": "Software", "Validation Date": "04/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp646.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/646", "detail_available": true, "module_name": "PostX FIPS Cryptography Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PostX Messaging Application Platform is a trusted email solution that is an enterprise-class platform for encrypting ad hoc emails internal and external to the customer's network. As a compliance and enterprise solution, PostX MAP provides companies the options of deployment, when and how to encrypt, and policy enforcement from 100% on the desktop, 100% at the gateway, or any combination of gateway and desktop. The PostX FIPS Cryptography Kernel is the software module that provides the basic cryptographic functionality for the Messaging Application Platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/645", "Certificate Number": "645", "Vendor Name": "SafeNet, Inc.", "Module Name": "CGX Cryptographic Module", "Module Type": "Software", "Validation Date": "04/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp645.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/645", "detail_available": true, "module_name": "CGX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel™ VPN acceleration chips, cards, and EmbeddedIP™ intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/644", "Certificate Number": "644", "Vendor Name": "SafeNet, Inc.", "Module Name": "CGX Cryptographic Module", "Module Type": "Software", "Validation Date": "04/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp644.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/644", "detail_available": true, "module_name": "CGX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel™ VPN acceleration chips, cards, and EmbeddedIP™ intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/643", "Certificate Number": "643", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet Enterprise ATM Encryptor II, Model 600", "Module Type": "Hardware", "Validation Date": "03/22/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp643.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/643", "detail_available": true, "module_name": "SafeNet Enterprise ATM Encryptor II, Model 600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "Note: Refer to the cryptographic module’s security policy for the details on the letter x designation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeEnterpriseTM ATM Encryptor II provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs federally endorsed AES and Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in ATM T1, E1, T3, E3, OC-3c and OC-12c networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/642", "Certificate Number": "642", "Vendor Name": "Open Source Software Institute", "Module Name": "OpenSSL FIPS Object Module", "Module Type": "Software", "Validation Date": "03/22/200603/29/200606/21/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp642.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/642", "detail_available": true, "module_name": "OpenSSL FIPS Object Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files shall be verified as specified in Appendix B of the provided Security Policy. Installation, protection, and initialization shall be completed as specified in Appendix C of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.", "module_type": "Software", "embodiment": "Multi-chip standalone", "algorithms": [ "AES", "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/641", "Certificate Number": "641", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust TruePass™ Applet Cryptographic Module", "Module Type": "Software", "Validation Date": "03/22/200605/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp641.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/641", "detail_available": true, "module_name": "Entrust TruePass™ Applet Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with FIPS validated browser services operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Entrust TruePass Applet Cryptographic Module 8.0 performs low level cryptographic operations - encryption, decryption and hashes - implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/640", "Certificate Number": "640", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-525A-3 and 3e-525V-3 AirGuard™ Wireless Access Point", "Module Type": "Hardware", "Validation Date": "03/22/200608/01/200602/12/200704/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp640.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/640", "detail_available": true, "module_name": "3e-525A-3 and 3e-525V-3 AirGuard™ Wireless Access Point", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirGuardTM model 525A-3 and model 525V-3 Wireless Access Points are packaged in rugged IP 66 weatherproof enclosure and conforms to 802.11a/b/g wireless standards. They provide access point, gateway, bridge/repeater, and mesh networking for wireless applications. In access point or gateway mode, the 525A-3 can establish links to laptops, PDAs and other wireless devices at data rates from 11 Mbps up to 108 Mbps. The 525V-3 incorporates an extra video module to provide capability for remote video surveillance and camera control." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/639", "Certificate Number": "639", "Vendor Name": "ActivIdentity, Inc.", "Module Name": "ActivIdentity Digital Identity Applet Suite v1/v2 on OCS ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "03/22/200605/26/200608/29/200610/03/200607/24/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp639.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/639", "detail_available": true, "module_name": "ActivIdentity Digital Identity Applet Suite v1/v2 on OCS ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This version of the product can be used over contact and contactless interface (with some restrictions) and can be configured to use with ActivIdentity applet suite v1.1.6 for enterprise deployment or with v2.6.1for the support of GSC-IS v2.1 and NIST SP800-73 Transitional Card Edge (for HSPD-12/PIV)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/638", "Certificate Number": "638", "Vendor Name": "Secure Computing Corporation (Wholly owned subsidiary of McAfee, Inc.)", "Module Name": "Cryptographic Module for SecureOS®", "Module Type": "Software", "Validation Date": "03/22/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp638.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/638", "detail_available": true, "module_name": "Cryptographic Module for SecureOS®", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cryptographic Module for SecureOS® is software providing cryptographic services for applications on versions of Sidewinder G2® Security Appliance™ and Sidewinder G2 Enterprise Manager™. Sidewinder G2 is a line of comprehensive unified threat management (UTM) security appliances consolidating a variety of Internet security functions including Application Defenses™ firewall, anti-virus, anti-spam, traffic anomaly detection, IDS/IPS, and more. It is Common Criteria EAL4+ certified as compliant with the US DoD Application-level Firewall Protection Profile for Medium Robustness." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/637", "Certificate Number": "637", "Vendor Name": "D'Crypt Private Limited", "Module Name": "d'Cryptor ZE Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/14/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp637.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/637", "detail_available": true, "module_name": "d'Cryptor ZE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "d'Cryptor ZE is a micro-token targeted at high security embedded applications. Central to the next generation d'Cryptor products, the ZE provides cryptographic/key management services, secure key storage and supports interfaces such as UARTs, SSP, infrared, contact/contactless Smartcard and GPIOs." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/636", "Certificate Number": "636", "Vendor Name": "Renesas Technology America, Inc.", "Module Name": "Aspects Software OS755 for Renesas XMobile Card Module", "Module Type": "Hardware", "Validation Date": "03/14/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp636.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/636", "detail_available": true, "module_name": "Aspects Software OS755 for Renesas XMobile Card Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Aspects OS755 for Renesas XMobile Card Module is the combination of a Java Card compliant Operating System that implements FIPS Approved cryptographic functions and a secure Single Chip Silicon hardware. This module is a flexible platform capable of post-issuance customization and updates, and that offers Java Card 2.1.1 technology and GlobalPlatform 2.1 services in addition to a range of FIPS Approved on-board random-number generator, hardware accelerated Triple-DES and RSA algorithms, especially designed for the XMobile Card.", "algorithms": [ "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/635", "Certificate Number": "635", "Vendor Name": "TLC-Chamonix, LLC", "Module Name": "WirelessWall Client", "Module Type": "Software", "Validation Date": "03/03/200605/20/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp635.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/635", "detail_available": true, "module_name": "WirelessWall Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cranite WirelessWall Client enables laptop, desktop, and handheld computer users to securely connect to WirelessWall-protected networks. The Client authenticates users, encrypts wireless network traffic, and blocks malicious attacks. Additionally, the Client optionally seamlessly roam from subnet to subnet without re-authenticating. The Client optionally integrates with the Windows logon, providing secure single signon functionality. Cranite's WirelessWall Client is simple to use and is validated to the government's rigorous FIPS-2 security standard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/634", "Certificate Number": "634", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VPN-1", "Module Type": "Firmware", "Validation Date": "03/03/200605/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp634.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/634", "detail_available": true, "module_name": "VPN-1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point's VPN-1 version NG with Application Intelligence R54 is a tightly integrated software solution combining the FireWall-1 (FW-1) security suite with sophisticated Virtual Private Network (VPN) technologies and a hardened Secure Platform operating system (OS). The cornerstone of Check Point's Secure Virtual Network (SVN) architecture, VPN-1 meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, branch offices, and business partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/633", "Certificate Number": "633", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3251 Mobile Access Router Card", "Module Type": "Hardware", "Validation Date": "03/03/200612/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp633.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/633", "detail_available": true, "module_name": "Cisco 3251 Mobile Access Router Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module is a high-performance router card, which offers secure data, voice and video communications, seamless mobility and interoperability across multiple wireless networks. The unique functionality of this router card is that always on IP connectivity for networks in motion. This allows IP hosts on a mobile network to connect transparently to the parent network while the router is in motion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/632", "Certificate Number": "632", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3220 Mobile Access Router Card", "Module Type": "Hardware", "Validation Date": "03/03/200612/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp632.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/632", "detail_available": true, "module_name": "Cisco 3220 Mobile Access Router Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module is a high-performance router card, which offers secure data, voice and video communications, seamless mobility and interoperability across multiple wireless networks. The unique functionality of this router card is that always on IP connectivity for networks in motion. This allows IP hosts on a mobile network to connect transparently to the parent network while the router is in motion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/631", "Certificate Number": "631", "Vendor Name": "Good Technology, Inc.", "Module Name": "FIPSCrypto on Windows Mobile", "Module Type": "Software", "Validation Date": "03/03/200605/18/200901/28/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp631.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/631", "detail_available": true, "module_name": "FIPSCrypto on Windows Mobile", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/630", "Certificate Number": "630", "Vendor Name": "PGP Corporation", "Module Name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "Module Type": "Software", "Validation Date": "03/03/200605/08/200703/07/200807/28/200808/21/200812/03/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp630.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/630", "detail_available": true, "module_name": "PGP Software Developer's Kit (SDK) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/629", "Certificate Number": "629", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper NetScreen-5GT", "Module Type": "Hardware", "Validation Date": "02/07/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp629.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/629", "detail_available": true, "module_name": "Juniper NetScreen-5GT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-5GT appliance is a feature-rich, enterprise-class, network security solution that integrates multiple security functions - Stateful and Deep Inspection firewall, IPSec VPN, denial of service protection, antivirus and Web filtering. The NetScreen-5GT Ethernet solution is ideal for environments that need hardwired connectivity backed by robust network, application and payload level security. The NetScreen-5GT Ethernet is available with five Ethernet interfaces that can be deployed in a wide variety of configurations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/628", "Certificate Number": "628", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondLink/CL100", "Module Type": "Hardware", "Validation Date": "01/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp628.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/628", "detail_available": true, "module_name": "DiamondLink/CL100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondLink is a managed secure network appliance that features DiamondTEK's self protecting security computer. DiamondLink automatically identifies and authenticates the user to the network, encrypts communications and determines which data and servers the user is authorized to access. Security functions include token based user I&A, firewall filtering, IPSec, Data Driven Access Control (DDAC) capabilities and centralize management using the DiamondTEK DiamondCentral." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/627", "Certificate Number": "627", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondVPN/CV100", "Module Type": "Hardware", "Validation Date": "01/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp627.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/627", "detail_available": true, "module_name": "DiamondVPN/CV100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondVPN is a rack-mounted network security appliance that can be installed to enforce a single security policy for a workgroup or department operating on your enterprise network. The DiamondVPN can also be deployed at the edge of a corporate LAN for outbound communications security and control of access to the LAN. The DiamondVPN supports secure pass-through to devices protected by other DiamondTEK products. This allows full-path, end-to-end security in combination with conventional site-to-site and remote-to-site tunneled communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/626", "Certificate Number": "626", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondPak/CP106", "Module Type": "Hardware", "Validation Date": "01/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp626.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/626", "detail_available": true, "module_name": "DiamondPak/CP106", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondPak is a rack-mounted network appliance designed for protecting multiple servers, each having DiamondTEK's self-protecting security computer with a single security profile. With DiamondPak's advanced access-control system for protecting critical backend systems, DiamondPak provides the same security protection that is used for our governement's most sensitive information." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/625", "Certificate Number": "625", "Vendor Name": "Nortel Networks", "Module Name": "VPN Router 1750, 2700 and 5000 with VPN Router Security Accelerator", "Module Type": "Hardware", "Validation Date": "01/24/200605/16/200602/12/200706/21/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp625.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/625", "detail_available": true, "module_name": "VPN Router 1750, 2700 and 5000 with VPN Router Security Accelerator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/624", "Certificate Number": "624", "Vendor Name": "Nortel Networks", "Module Name": "VPN Router 1700, 1750, 2700 and 5000 with Hardware Accelerator", "Module Type": "Hardware", "Validation Date": "01/24/200605/16/200604/26/200706/21/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp624.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/624", "detail_available": true, "module_name": "VPN Router 1700, 1750, 2700 and 5000 with Hardware Accelerator", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/623", "Certificate Number": "623", "Vendor Name": "Nortel Networks", "Module Name": "VPN Router 600, 1700, 1750, 2700 and 5000", "Module Type": "Hardware", "Validation Date": "01/24/200605/16/200604/26/200706/21/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp623.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/623", "detail_available": true, "module_name": "VPN Router 600, 1700, 1750, 2700 and 5000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant VPN Routers are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The VPN Routers provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/622", "Certificate Number": "622", "Vendor Name": "Lexmark International, Inc.", "Module Name": "Lexmark PrintCryption", "Module Type": "Firmware", "Validation Date": "01/19/200612/13/200601/04/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp622.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/622", "detail_available": true, "module_name": "Lexmark PrintCryption", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The Lexmark PrintCryption Card is an option for the Lexmark series of output devices that enables the printing of host encrypted data. With this option installed, the printer is capable of decrypting print jobs encrypted with the AES algorithm. The Lexmark PrintCryption Card analyzes the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the confidential document to be printed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/621", "Certificate Number": "621", "Vendor Name": "NeoScale Systems, Inc.", "Module Name": "CryptoStor Tape 702 and 704", "Module Type": "Hardware", "Validation Date": "01/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp621.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/621", "detail_available": true, "module_name": "CryptoStor Tape 702 and 704", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NeoScale CryptoStor Tape is a readily deployable, high-speed tape security appliance that compresses, encrypts and digitally signs data as it goes to tape media or virtual tape--without disrupting backup processes. CryptoStor dynamically intercepts backup/restore communications between hosts and tape libraries-centrally managing and fully off-loading tape media security functions. It seamlessly integrates with widely used backup applications and incorporates Global Key Management technology for strong key management and data recovery with the appliance or with a software-only utility." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/620", "Certificate Number": "620", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1841 Integrated Services Router with AIM-VPN/BPII-Plus and Cisco 2801 Integrated Services Router with AIM- VPN/EPII-Plus", "Module Type": "Hardware", "Validation Date": "01/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp620.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/620", "detail_available": true, "module_name": "Cisco 1841 Integrated Services Router with AIM-VPN/BPII-Plus and Cisco 2801 Integrated Services Router with AIM- VPN/EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1841 and 2801 routers feature the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. These routers offer embedded encryption acceleration on the motherboard. For additional performance, the Cisco 1841 and 2801 routers feature the ability to optionally add encryption acceleration advanced integration modules (AIMs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/619", "Certificate Number": "619", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2851 Integrated Services Router with AIM-VPN/EPII-Plus", "Module Type": "Hardware", "Validation Date": "01/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp619.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/619", "detail_available": true, "module_name": "Cisco 2851 Integrated Services Router with AIM-VPN/EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance the Cisco 2800 Series features the ability to optionally add encryption acceleration advanced integration modules (AIMs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/618", "Certificate Number": "618", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3825 Integrated Services Router with AIM-VPN/EPII-Plus and Cisco 3845 Integrated Services Router with AIM-VPN/HPII-Plus", "Module Type": "Hardware", "Validation Date": "01/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp618.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/618", "detail_available": true, "module_name": "Cisco 3825 Integrated Services Router with AIM-VPN/EPII-Plus and Cisco 3845 Integrated Services Router with AIM-VPN/HPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 3800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance the Cisco 3800 Series features the ability to optionally add encryption acceleration advanced integration modules (AIMs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/617", "Certificate Number": "617", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2811 and Cisco 2821 Integrated Services Router with AIMVPN/\nEPII-Plus", "Module Type": "Hardware", "Validation Date": "01/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp617.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/617", "detail_available": true, "module_name": "Cisco 2811 and Cisco 2821 Integrated Services Router with AIMVPN/ EPII-Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip Standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard. For additional performance the Cisco 2800 Series features the ability to optionally add encryption acceleration advanced integration modules (AIMs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/616", "Certificate Number": "616", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 1841 and Cisco 2801 Integrated Services Router", "Module Type": "Hardware", "Validation Date": "01/06/200605/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp616.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/616", "detail_available": true, "module_name": "Cisco 1841 and Cisco 2801 Integrated Services Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 1841 and 2801 routers feature the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. These routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/615", "Certificate Number": "615", "Vendor Name": "WRQ, Inc.", "Module Name": "Reflection Security Component for Java", "Module Type": "Software", "Validation Date": "01/06/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp615.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/615", "detail_available": true, "module_name": "Reflection Security Component for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip Standalone", "description": "Reflection® for the Web provides terminal emulation from a web browser. With this server-based solution you can connect local or remote users to applications on IBM, HP, UNIX, and OpenVMS hosts. You can also use its comprehensive management, security, and customization features to boost IT efficiency and user productivity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/614", "Certificate Number": "614", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "HICOS PKI Smart Card", "Module Type": "Hardware", "Validation Date": "01/06/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp614.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/614", "detail_available": true, "module_name": "HICOS PKI Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The HICOS PKI smart card module is a single chip implementation of a cryptographic module. The HICOS PKI smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HICOS PKI Smart Card cryptographic module contains an implementation of the Open Platform (OP) Version 2.0.1 specification defining a secure infrastructure for post-issuance programmable smart card chips." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/613", "Certificate Number": "613", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2851 Integrated Services Router", "Module Type": "Hardware", "Validation Date": "12/23/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp613.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/613", "detail_available": true, "module_name": "Cisco 2851 Integrated Services Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/612", "Certificate Number": "612", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 2811 and Cisco 2821 Integrated Services Router", "Module Type": "Hardware", "Validation Date": "12/23/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp612.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/612", "detail_available": true, "module_name": "Cisco 2811 and Cisco 2821 Integrated Services Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 2800 Series routers offer embedded encryption acceleration on the motherboard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/611", "Certificate Number": "611", "Vendor Name": "Litronic, Inc.", "Module Name": "jForté/HAT Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/23/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp611.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/611", "detail_available": true, "module_name": "jForté/HAT Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The high assurance jForté/HAT module is a multi-function, secure device, specifically engineered to provide expanded storage and accelerated processing of complex cryptographic functions. jForté/HAT also provides high data throughput via its dual I/O interface, supporting both ISO7816-3 and Full Speed USB. The module is available in several different packaging configurations - smart card module, 24-pin SOIC or bare die. Our patented smart card packaging provides access to both 7816-3 and USB interfaces so the same smart card will work in both standard readers, at 7816 speeds, and in high-speed USB readers and Full Speed USB." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/610", "Certificate Number": "610", "Vendor Name": "Avaya, Inc.", "Module Name": "G250 and G250-BRI Branch Office Media Gateways w/FIPS", "Module Type": "Hardware", "Validation Date": "12/23/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp610.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/610", "detail_available": true, "module_name": "G250 and G250-BRI Branch Office Media Gateways w/FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Avaya G250 Branch Office Media Gateway w/FIPS and G250-BRI Branch Media Gateway w/FIPS are complete branch office business communications systems that integrate an IP telephony gateway, an advanced IP WAN router, and a PoE LAN switch into a compact (2U) chassis. Ideally suited for enterprise with distributed branch office locations of 2-10 extensions, the G250 and G250-BRI Gateways replace the complexity and cost of managing disparate key and voice systems with a survivable networked solution that is easy to deploy and can be administered from a central location." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/609", "Certificate Number": "609", "Vendor Name": "Snapshield, Ltd.", "Module Name": "SNAPfone", "Module Type": "Hardware", "Validation Date": "12/23/200501/13/200601/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp609.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/609", "detail_available": true, "module_name": "SNAPfone", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SNAPfone is a compact encryption termination unit capable of securing voice communications over analog telephone lines. SNAPfone performs high level encryption process with a new key draw for each session using Asymmetric Public Key Cryptography (1024 bit Diffie-Hellman) for key exchanging and Symmetric block cipher (192-bit 3DES) algorithm for session encryption. SNAPfone requires minimum user intervention with seamless operation.\" \"The Snapfone is a plug-n-play encryption device for securing communications over regular analog (POTS) or fax lines. Snapfone is designed for compatibility among major telephone and PBX brands. It can also be deployed as a shared resource device when connected to a PBX. Its small footprint and 1101220v connectivity allows for easy transport and maximum flexibility. The cryptographic core engines are optimized for minimal voice latency providing superior voice quality. Snapfones can also be configured as a distributed secure voice network solution among groups and between multiple locations." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/608", "Certificate Number": "608", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "Module Type": "Software", "Validation Date": "12/13/200501/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp608.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/608", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/607", "Certificate Number": "607", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-204 and 208", "Module Type": "Hardware", "Validation Date": "12/12/200501/26/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp607.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/607", "detail_available": true, "module_name": "Juniper Networks NetScreen-204 and 208", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-204 and 208 are purpose-built internet security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/606", "Certificate Number": "606", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5XT", "Module Type": "Hardware", "Validation Date": "12/12/200501/26/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp606.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/606", "detail_available": true, "module_name": "Juniper Networks NetScreen-5XT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5XT is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that offers a complete security solution for telecommuters, small-sized companies and branch offices. Featuring two 10 Base-T Ethernet ports (trust and untrusted), the Juniper Networks NetScreen-5XT performs at near wirespeed, protecting the LAN from attack and providing IPSEC based VPN capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/605", "Certificate Number": "605", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5400", "Module Type": "Hardware", "Validation Date": "12/12/200501/26/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp605.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/605", "detail_available": true, "module_name": "Juniper Networks NetScreen-5400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5400 is a purpose-built, high-performance security system designed to deliver a new level of high-performance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5400 security system integrates firewall, DoS, DDoS protection, VPN, and traffic management functionality in low-profile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/604", "Certificate Number": "604", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-500", "Module Type": "Hardware", "Validation Date": "12/12/200501/26/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp604.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/604", "detail_available": true, "module_name": "Juniper Networks NetScreen-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-500 is a purpose-built internet security appliance that provides advanced firewall, IPSec VPN, and traffic management functionality, optimized for the most demanding environments such as medium and large enterprise offices, carrier infrastructures, or service providers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/603", "Certificate Number": "603", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5200", "Module Type": "Hardware", "Validation Date": "12/12/200501/26/200605/16/200606/14/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp603.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/603", "detail_available": true, "module_name": "Juniper Networks NetScreen-5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5200 is a purpose-built, high-performance security system designed to deliver a new level of high-performance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5200 security system integrates firewall, DoS and DDoS protection, VPN, and traffic management functionality in low-profile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/602", "Certificate Number": "602", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "JUNOS-FIPS", "Module Type": "Firmware", "Validation Date": "12/12/200505/16/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp602.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/602", "detail_available": true, "module_name": "JUNOS-FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "JUNOS firmware is the first routing operating system designed specifically for the Internet. It runs on all Juniper Networks T-series, M-series, and Jseries routers, and is currently deployed in the largest and fastest growing networks worldwide. Its full suite of industrial strength routing protocols, flexible policy language, and leading MPLS implementation efficiently scale to large numbers of network interfaces and routes. As well, JUNOS firmware supports the industry's first production-ready GMPLS implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/601", "Certificate Number": "601", "Vendor Name": "Avaya, Inc.", "Module Name": "G350 Branch Office Media Gateway w/FIPS", "Module Type": "Hardware", "Validation Date": "12/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp601.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/601", "detail_available": true, "module_name": "G350 Branch Office Media Gateway w/FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Avaya G350 Branch Office Media Gateway w/FIPS is a complete branch office business communications system that integrates an IP telephony gateway, an advanced IP WAN router, and a high-performance LAN switch into a compact (3U) modular chassis. Ideally suited for enterprise with distributed branch office locations of 8-40 extensions, the G350 replaces the complexity and cost of managing disparate key and voice systems with a survivable networked solution that is easy to deploy and can be administered from a central location." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/600", "Certificate Number": "600", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "12/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp600.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/600", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), and Deutsche Post's FrankIT New Generation Digital Franking program. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/599", "Certificate Number": "599", "Vendor Name": "Blue Ridge Networks", "Module Name": "BorderGuard 5000", "Module Type": "Hardware", "Validation Date": "12/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp599.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/599", "detail_available": true, "module_name": "BorderGuard 5000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BorderGuard hardware models 5100, 5200, 5400, 5500 and 5600 version DPF1 7.1 firmware are standalone hardware security appliances (routers) used to secure Internet traffic. The cryptographic module consists of firmware running on a dedicated hardware device. The module is a multi-chip-standalone device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/598", "Certificate Number": "598", "Vendor Name": "Mobile Armor, LLC", "Module Name": "Mobile Armor Warp Drive", "Module Type": "Software", "Validation Date": "12/01/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp598.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/598", "detail_available": true, "module_name": "Mobile Armor Warp Drive", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Mobile Armor's highly optimized Microsoft Windows Certified Driver for Windows XP provides reliable high speed strong cryptographic services for systems running Mobile Armor's DataArmor Enterprise Mobile Data Protection software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/597", "Certificate Number": "597", "Vendor Name": "Oberthur Card Systems", "Module Name": "ID-One Cosmo 32 v5", "Module Type": "Hardware", "Validation Date": "12/01/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp597.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/597", "detail_available": true, "module_name": "ID-One Cosmo 32 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ID-One Cosmo 32 v5 is a JavaCard cryptographic module specifically designed for identity and government market needs. It offers a full 32K Byte of EEPROM space available for customer discretionary use, together with on-card cryptographic services such as TDES (using double and triple length DES keys), and 2048-bit RSA with on-card key generation. The cryptographic module loads and runs applets written in Java programming language. It includes a native implementation of the latest Java Card TM (Version 2.2) and Open Platform (Version 2.1.1A) specifications, with full support for Delegated Management and DAP / Mandated DAP, that define a secure infrastructure for post-issuance programmable platforms. Additional features include On-Card fingerprint matching and Logical Channels." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/596", "Certificate Number": "596", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3825 and Cisco 3845 Integrated Services Router", "Module Type": "Hardware", "Validation Date": "12/01/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp596.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/596", "detail_available": true, "module_name": "Cisco 3825 and Cisco 3845 Integrated Services Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3800 Series features the ability to deliver multiple high-quality simultaneous services at wire speeds up to multiple T1/E1/xDSL connections. The Cisco 3800 Series routers offer embedded encryption acceleration on the motherboard. By integrating security functions directly into the router itself, Cisco can provide unique intelligent security solutions, such as network admissions control (NAC) for antivirus defense; Voice and Video Enabled VPN (V3PN) for quality-of-service (QoS) enforcement when combining voice, video, and VPN; and Dynamic Multipoint VPN (DMVPN) and Easy VPN." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/595", "Certificate Number": "595", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-J JCE Provider Module", "Module Type": "Software", "Validation Date": "12/01/200503/06/200610/12/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp595.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/595", "detail_available": true, "module_name": "RSA BSAFE Crypto-J JCE Provider Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/594", "Certificate Number": "594", "Vendor Name": "Motorola, Inc.", "Module Name": "MCC7500 Secure Card Crypto Engine Cryptographic Module", "Module Type": "Hardware", "Validation Date": "12/01/200506/14/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp594.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/594", "detail_available": true, "module_name": "MCC7500 Secure Card Crypto Engine Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MCC7500 Secure Card Crypto Engine Cryptographic Module is a multiprocessor, cryptographic PCI card that provides encryption services for up to 60 audio streams for the Secure Operator Position (B1908) and Secure Archiving Interface Server (B1918). Each Secure Operator Position will contain one Secure Card providing encryption services for 60 simultaneous audio streams. Each Secure AIS will contain 1 or 2 Secure Cards providing encryption services for 60 or 120 audio streams, respectively. The Spare Crypto Card (B1924) may be used to upgrade an Operator Position or AIS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/593", "Certificate Number": "593", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "12/01/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp593.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/593", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/592", "Certificate Number": "592", "Vendor Name": "High Density Devices AS", "Module Name": "SecureD v.1.6", "Module Type": "Hardware", "Validation Date": "12/01/200501/05/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp592.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/592", "detail_available": true, "module_name": "SecureD v.1.6", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SecureD is a hardware based encryption device that offers optimal, fully integrated, protection for stored data in IDE data bus based computer systems. SecureD operates fully transparent at the speed of ATA-6 AT API. SecureD is using AES 128/192/256 bits encryption/decryption, and is 100% operating system independent. No SW is installed. Ideal for encryption of disks in Desktop environment, Laptop, and USB/Firewire connected disks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/591", "Certificate Number": "591", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Enterprise Server™ Cryptographic Kernel", "Module Type": "Software", "Validation Date": "12/01/200505/10/200706/08/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp591.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/591", "detail_available": true, "module_name": "BlackBerry Enterprise Server™ Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic ryptographic functionality for the BlackBerry® Enterprise Server." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/590", "Certificate Number": "590", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-J Software Module", "Module Type": "Software", "Validation Date": "11/18/200503/06/200605/17/200612/18/200610/12/200701/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp590.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/590", "detail_available": true, "module_name": "RSA BSAFE Crypto-J Software Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. RSA BSAFE Crypto-J supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/589", "Certificate Number": "589", "Vendor Name": "Mobile Armor, LLC", "Module Name": "Mobile Armor Crypto Module", "Module Type": "Software", "Validation Date": "11/18/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp589.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/589", "detail_available": true, "module_name": "Mobile Armor Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Mobile Armor's Cross platform implementation of Cryptographic Services for use in Enterprise Mobile Data Security products on the Linux, Windows XP, and Windows CE platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/588", "Certificate Number": "588", "Vendor Name": "Bluesocket, Inc.", "Module Name": "Bluesocket WG-5000 Wireless Gateway", "Module Type": "Hardware", "Validation Date": "11/18/200512/08/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp588.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/588", "detail_available": true, "module_name": "Bluesocket WG-5000 Wireless Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Bluesocket WG-5000 Wireless Gateway provides a single scalable solution to the security, quality of service (QoS), and management issues facing institutions, enterprises, and service providers who deploy 802.11 and Bluetooth-based wireless networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/587", "Certificate Number": "587", "Vendor Name": "Bluesocket, Inc.", "Module Name": "Bluesocket WG-2100 Wireless Gateway", "Module Type": "Hardware", "Validation Date": "11/03/200512/08/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp587.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/587", "detail_available": true, "module_name": "Bluesocket WG-2100 Wireless Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Bluesocket WG-2100 Wireless Gateway provides a single scalable solution to the security, quality of service (QoS), and management issues facing institutions, enterprises, and service providers who deploy 802.11 and Bluetooth-based wireless networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/586", "Certificate Number": "586", "Vendor Name": "E.F. Johnson Co.", "Module Name": "Subscriber Encryption Module (SEM)", "Module Type": "Hardware", "Validation Date": "11/03/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp586.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/586", "detail_available": true, "module_name": "Subscriber Encryption Module (SEM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The E.F. Johnson Co. Subscriber Encryption Module (SEM) is a cryptographic module meeting FIPS 140-2, Level 1 requirements. The SEM provides Subscriber Equipment, such as the E.F. Johnson Co. 5100 series radio with secure and encrypted voice communication. The SEM supports AES OTAR, AES, DES, DSA, and SHA-1 FIPS Approved algorithms. These algorithms are used for data or voice communication and protection of SEM firmware. The SEM can be implemented into any Subscriber Equipment requiring FIPS 140-2 Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/585", "Certificate Number": "585", "Vendor Name": "Bluefire Security Technologies", "Module Name": "Bluefire Mobile Security™ FIPS Cryptographic Module", "Module Type": "Software", "Validation Date": "11/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp585.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/585", "detail_available": true, "module_name": "Bluefire Mobile Security™ FIPS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Bluefire Mobile Security™ FIPS Cryptographic Module is Bluefire Security Technologies' cryptographic library designed for securing mobile devices such as personal digital assistants (PDA’s) and Smart Phones based on the Microsoft Windows Mobile platform. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/584", "Certificate Number": "584", "Vendor Name": "Credant Technologies Corporation", "Module Name": "Credant Cryptographic Kernel[1] and CmgCryptoLib[2]", "Module Type": "Software", "Validation Date": "11/02/200511/04/200512/07/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp584.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/584", "detail_available": true, "module_name": "Credant Cryptographic Kernel[1] and CmgCryptoLib[2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CREDANT CmgCryptoLib (previosuly known as CREDANT Cryptographic Kernel) is a FIPS 140-2 validated, software based cryptography library that implements Triple-DES, AES, ANSI X9.31 RNG, SHA-1, and HMAC-SHA-1 algorithms for CREDANT Mobile Guardian (CMG). CMG provides centrally managed mobile data protection via strong authentication, Intelligent Encryption and usage controls with guaranteed data recovery for laptops, desktops, removable media, PDAs and smart phones." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/583", "Certificate Number": "583", "Vendor Name": "NeoScale Systems, Inc.", "Module Name": "CryptoStor FC2002W SAN Security Appliance", "Module Type": "Hardware", "Validation Date": "10/27/200511/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp583.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/583", "detail_available": true, "module_name": "CryptoStor FC2002W SAN Security Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NeoScale CryptoStor FC2002 appliance, is a Fibre Channel Storage Area Network (SAN) data security appliance that provides data flow control and encryption based on configured policy rules. Operating as a fully transparent, in-line storage appliance, the FC2002 inspects storage traffic and applies information flow controls and strong encryption to the data payload at gigabit rates. Storage data privacy policies are centrally managed, employing access and encryption rules which are easily modified to suit current and evolving storage infrastructures. Deep frame inspection allows access and encryption policies to be dynamically applied at wirespeed. True gigabit throughput with low latency and transparent operation ensures uninterrupted, scalable storage data protection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/582", "Certificate Number": "582", "Vendor Name": "Oceana Sensor Technologies, Inc.", "Module Name": "Fortress Cryptographic Library", "Module Type": "Software", "Validation Date": "10/27/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp582.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/582", "detail_available": true, "module_name": "Fortress Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Oceana Sensor Technologies Fortress Cryptographic LibraryTM (FCL) is a cryptographically secure interface to applications both internal and external to the OST product. It has many features and supports AES, Triple DES and RSA. It is entirely a software product." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/581", "Certificate Number": "581", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress™ Wireless Security Gateway", "Module Type": "Hardware", "Validation Date": "10/27/200504/26/200703/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp581.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/581", "detail_available": true, "module_name": "AirFortress™ Wireless Security Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The AirFortress ™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/580", "Certificate Number": "580", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "AS2-FIPS PIC", "Module Type": "Hardware", "Validation Date": "10/25/200512/02/200501/27/200606/14/200612/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp580.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/580", "detail_available": true, "module_name": "AS2-FIPS PIC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Adaptive Services (AS) Physical Interface Card (PIC) is a multi-chip embedded cryptographic module, which supports a new level of services integration and performance. The AS2-FIPS PIC supports compressed real time protocol (CRTP), high-speed Network Address Translation (NAT), stateful firewall, tunnel services, IPSec encryption and J-Flow accounting today while having built-in headroom to support additional services in the future. With high-speed NAT and stateful firewall, providers can protect their networks and simultaneously deploy network-based security and VPN solutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/579", "Certificate Number": "579", "Vendor Name": "M/A Com, Inc.", "Module Name": "P7130IP Select, P7150IP Scan Portable and M7100IP Mobile Two-Way FM Radio", "Module Type": "Hardware", "Validation Date": "10/25/200508/16/200610/22/2007", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp579.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/579", "detail_available": true, "module_name": "P7130IP Select, P7150IP Scan Portable and M7100IP Mobile Two-Way FM Radio", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The P7150IP Scan Portable/M7100IP Mobile are M/A COM's premier radios for critical communications. Guided by customer feedback, M/A COM designed the P7150IP and M7100IP to excel in the challenging environments that critical communications users encounter. The radios provide a superior combination of features, functions, and physical attributes. They are light and extremely durable, easy to use while wearing gloves, and produces loud and clear audio. A rugged high-tier portable, the radios provide exceptional performance even under adverse conditions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/578", "Certificate Number": "578", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Java Module", "Module Type": "Software", "Validation Date": "10/25/200507/20/200703/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp578.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/578", "detail_available": true, "module_name": "Security Builder FIPS Java Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/577", "Certificate Number": "577", "Vendor Name": "M/A Com, Inc.", "Module Name": "P7170IP System Portable Two-Way FM Radios", "Module Type": "Hardware", "Validation Date": "10/25/200508/16/200610/22/2007", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp577.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/577", "detail_available": true, "module_name": "P7170IP System Portable Two-Way FM Radios", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The P7170IP is M/A COM's premier portable radio for critical communications. Guided by customer feedback, M/A COM designed the P7170IP to excel in the challenging environments that critical communications users encounter. The P7170IP provides a superior combination of features, functions, and physical attributes. It is light and extremely durable, easy to use while wearing gloves, and produces loud and clear audio. A rugged high-tier portable, the P7170IP provides exceptional performance even under adverse conditions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/576", "Certificate Number": "576", "Vendor Name": "PalmSource, Inc.", "Module Name": "Cryptographic Provider Module + FIPS Provider", "Module Type": "Software", "Validation Date": "10/25/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp576.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/576", "detail_available": true, "module_name": "Cryptographic Provider Module + FIPS Provider", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PalmSource Cryptographic Provider Module + FIPS Provider version 5.2.2 is a software library that implements cryptographic functions and is contained within a defined cryptographic boundary using the PalmOS version 5.2.1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/575", "Certificate Number": "575", "Vendor Name": "ActivCard, Inc.", "Module Name": "ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "10/25/200505/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp575.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/575", "detail_available": true, "module_name": "ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5: Provides enhanced functionality, flexibility, and security based on the ActivCard Applet v2 frameworks; Is backward compatible with earlier versions of ActivCard applets; Offers a more open, stable, and flexible platform on which developers can build and deploy smart card applications; Is compliant with GSC-IS 2.1 virtual machine comman interface; Supports GSC-IS 2.1 data model; Can be configured for Level and Level 3 modes." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/574", "Certificate Number": "574", "Vendor Name": "RedCannon Security", "Module Name": "RedCannon Cryptographic Module", "Module Type": "Software", "Validation Date": "10/19/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp574.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/574", "detail_available": true, "module_name": "RedCannon Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The RedCannon Crypto Module provides cryptographic support for the RedCannon line of products. The crypto module is used to create, manage and delete cryptographic keys as well as to perform cryptographic operations. The crypto module can be used for multiple functions within the RedCannon applications. It provides a structured set of APIs, which can be called to perform these functions. This provides flexibility for the module and the ability to add new applications for the crypto module functions in the future without changing the module itself." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/573", "Certificate Number": "573", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "09/20/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp573.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/573", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/572", "Certificate Number": "572", "Vendor Name": "Gemalto", "Module Name": "SafesITe TOP IM CY2 (aka Cyberflex Access 64K V2) Cryptographic Module", "Module Type": "Hardware", "Validation Date": "09/15/200510/31/200505/25/200607/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp572.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/572", "detail_available": true, "module_name": "SafesITe TOP IM CY2 (aka Cyberflex Access 64K V2) Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cyberflex Access 64K V2 smart card can be employed in solutions which provide secure PKI (public key infrastructure) and digital signature technology. Cyberflex Access 64K V2 serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 64K V2 supports on-card Triple DES, AES and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The Cyberflex Access 64K V2 smart card is part of a range of Axalto highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/571", "Certificate Number": "571", "Vendor Name": "AirMagnet, Inc.", "Module Name": "SmartEdge Sensor AM-5010-11-AG and AM-5012-11AG", "Module Type": "Hardware", "Validation Date": "09/12/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp571.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/571", "detail_available": true, "module_name": "SmartEdge Sensor AM-5010-11-AG and AM-5012-11AG", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SmartEdge Sensor is equipped with patent pending AirWISE Analytical Engine that, in real time, monitors and analyzes the security, performance, and reliability of the wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/570", "Certificate Number": "570", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Secure Generic Sub-System (SGSS), Version 3.2", "Module Type": "Hardware", "Validation Date": "09/07/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp570.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/570", "detail_available": true, "module_name": "Secure Generic Sub-System (SGSS), Version 3.2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure cryptographic resources to a number of products in the Thales e-Security portfolio. This includes the Datacryptor 2000 family, WebSentry family, HSM 8000 family, P3CM family, PaySentry, 3D Security Module and SafeSign Crypto Module. The SGSS contains a secure bootstrap and authenticates application loading using the Digital Signature Algorithm (DSA) and the RSA algorithm." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/569", "Certificate Number": "569", "Vendor Name": "Funk Software, Inc.", "Module Name": "Odyssey Security Component and Odyssey Security Component/Portable", "Module Type": "Software", "Validation Date": "08/31/200501/13/200602/24/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp569.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/569", "detail_available": true, "module_name": "Odyssey Security Component and Odyssey Security Component/Portable", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Odyssey Security Component/Portable is Funk Software, Inc.'s general purpose cryptographic library. Wide-ranging algorithm support is provided, making the library suitable for use in applications such as wireless LAN, IPsec, SSL/TLS, EAP, and so on. Assembly language optimizations allow high-speed operation on specific platforms, while the portable (C) version can be used on a large variety of platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/568", "Certificate Number": "568", "Vendor Name": "Caymas Systems Inc.", "Module Name": "Caymas Systems 525 Identity-Driven Access Gateway", "Module Type": "Hardware", "Validation Date": "08/30/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp568.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/568", "detail_available": true, "module_name": "Caymas Systems 525 Identity-Driven Access Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Caymas 318 and Caymas 525 are the world's first Identity-Driven Access Gateways, combining universal access, Identity-Based access control, integrated application security and federated policy enforcement. Caymas products are hardened, purpose-built appliances, with custom acceleration hardware allowing them to scale to thousands of users and multi-gigabit speeds in a single platform. With no per user or per feature pricing, Caymas gateways deliver radical price/performance for enterprises extending their information assets to internal and external users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/567", "Certificate Number": "567", "Vendor Name": "Caymas Systems Inc.", "Module Name": "Caymas Systems 318 Identity-Driven Access Gateway", "Module Type": "Hardware", "Validation Date": "08/30/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp567.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/567", "detail_available": true, "module_name": "Caymas Systems 318 Identity-Driven Access Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Caymas 318 and Caymas 525 are the world's first Identity-Driven Access Gateways, combining universal access, Identity-Based access control, integrated application security and federated policy enforcement. Caymas products are hardened, purpose-built appliances, with custom acceleration hardware allowing them to scale to thousands of users and multi-gigabit speeds in a single platform. With no per user or per feature pricing, Caymas gateways deliver radical price/performance for enterprises extending their information assets to internal and external users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/566", "Certificate Number": "566", "Vendor Name": "WRQ, Inc.", "Module Name": "Reflection Security Component for Java", "Module Type": "Software", "Validation Date": "08/19/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp566.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/566", "detail_available": true, "module_name": "Reflection Security Component for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Reflection® for the Web provides terminal emulation from a web browser. With this server-based solution you can connect local or remote users to applications on IBM, HP, UNIX, and OpenVMS hosts. You can also use its comprehensive management, security, and customization features to boost IT efficiency and user productivity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/565", "Certificate Number": "565", "Vendor Name": "Schweitzer Engineering Laboratories, Inc.", "Module Name": "SEL-3021 Serial Encrypting Transceiver", "Module Type": "Hardware", "Validation Date": "08/19/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp565.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/565", "detail_available": true, "module_name": "SEL-3021 Serial Encrypting Transceiver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SEL-3021 Serial Encrypting Transceiver is a bump-in-the-wire encryption device designed to add strong cryptographic security to new serial communications links and to provide an easy and effective security solution for existing serial communications networks. It is designed for use on both point-to-point byte oriented communications links and multidrop SCADA networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/564", "Certificate Number": "564", "Vendor Name": "SkyTel Corp.", "Module Name": "SkyTel ST900 Secure 2Way", "Module Type": "Hardware", "Validation Date": "08/19/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp564.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/564", "detail_available": true, "module_name": "SkyTel ST900 Secure 2Way", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SkyTel ST900 Secure 2Way is a wireless product for agencies transmitting sensitive and critical communications. The device, an ST900 2Way pager, operates on narrowband PCS, recommended for reliability and superior inbuilding penetration. It is password-protected, with AES encryption and encryption key establishment based on ANSI X9.63." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/563", "Certificate Number": "563", "Vendor Name": "Snapshield, Ltd.", "Module Name": "SNAPcell", "Module Type": "Hardware", "Validation Date": "08/19/200512/02/200512/22/200501/13/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp563.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/563", "detail_available": true, "module_name": "SNAPcell", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SNAPcell is a plug-in cellular accessory for Sony Ericsson handsets which enable secure end-to-end GSM communications. SNAPcell draws a new key for each session. SNAPcell requires minimum user intervention with seamless operation and due to the efficient implementation of the encryption algorithms it has minimum impact on the handset battery life. SNAPcell can be used across all four GSM frequency bands and the handset or the subscriber cannot be identifiable within the network. SNAPcell can be easily transferred from one device to another.\" \"Snapcell is a high assurance, lightweight, micro-adapter that secures cellular communications, end-to-end on any GSM frequency (850/900/1800/1900). Snapcell is compatible with standard Sony-Ericsson (GSM) mobile phones. Snapcell is approved for exporting outside the USA. Snapcell is also available with an optional centralized enterprise manager gateway (CEMG) that provides a secure single-point of administration for networking up to several thousands of users over public and private networks. Snapcell is currently deployed by the U.S. Special Forces, U.S. Navy, Coalition partners and financial institutions in over 30 countries." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/562", "Certificate Number": "562", "Vendor Name": "Wei Dai", "Module Name": "Crypto++ Library", "Module Type": "Software", "Validation Date": "07/29/200508/24/200510/28/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp562.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/562", "detail_available": true, "module_name": "Crypto++ Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto++ Library is a free, open source C++ class library providing public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms. The dynamic link library (DLL) is FIPS 140-2 Level 1 validated. The source code of the validated module is available upon request." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/561", "Certificate Number": "561", "Vendor Name": "SPYRUS, Inc.", "Module Name": "LYNKS Privacy Card", "Module Type": "Hardware", "Validation Date": "07/29/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp561.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/561", "detail_available": true, "module_name": "LYNKS Privacy Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SPYRUS family of LYNKS Privacy Card tokens provides high performance, high assurance cryptographic processing in a personal, portable PC card form factor. The LYNKS Privacy Card product enables security- critical capabilities such as user authentication, message privacy and integrity, authentication, and secure storage in rugged, tamper-evident hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/560", "Certificate Number": "560", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Windows CE, Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "07/29/200508/24/200506/21/200606/28/200606/29/200612/08/200605/14/200702/21/200804/04/200810/30/200905/29/2015", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp560.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/560", "detail_available": true, "module_name": "Microsoft Windows CE, Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft Windows CE, Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) is a general-purpose, softwarebased, cryptographic module for Windows CE, Windows Mobile, and Windows Embedded Handheld. It can be dynamically linked into applications by software developers to permit the use of general-purpose cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/559", "Certificate Number": "559", "Vendor Name": "Nortel Networks", "Module Name": "Contivity® VPN Client", "Module Type": "Software", "Validation Date": "07/25/200508/24/200508/29/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp559.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/559", "detail_available": true, "module_name": "Contivity® VPN Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with Microsoft® Enhanced Cryptographic Provider validated to FIPS 140-1 under Cert. #238 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Contivity VPN Client provides stable, secure network access via Nortel VPN routers and VPN gateways. The client can be preconfigured and customized by IT administrators for quick install and connect, or easily configured by end users via the connection wizard. The VPN client works over all IP infrastructures including all wireless, broadband, and satellite services. The VPN client also supports seamless roaming, enabling a user to roam wirelessly without losing the virtual connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/558", "Certificate Number": "558", "Vendor Name": "ActivCard, Inc.", "Module Name": "ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "07/25/200505/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp558.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/558", "detail_available": true, "module_name": "ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ActivCard Digital Identity Applet Suite v2.5 on OCS ID-One Cosmo 64 v5: Provides enhanced functionality, flexibility, and security based on the ActivCard Applet v2 frameworks; Is backward compatible with earlier versions of ActivCard applets; Offers a more open, stable, and flexible platform on which developers can build and deploy smart card applications; Is compliant with GSC-IS 2.1 virtual machine command interface; Supports GSC-IS 2.1 data model." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/557", "Certificate Number": "557", "Vendor Name": "Telkonet Communications, Inc.", "Module Name": "Telkonet G3 Series iBridge and Telkonet G3 Series eXtender", "Module Type": "Hardware", "Validation Date": "07/25/200504/04/200608/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp557.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/557", "detail_available": true, "module_name": "Telkonet G3 Series iBridge and Telkonet G3 Series eXtender", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Telkonet system uses power line communications (PLC) technology to deliver broadband internet to a building's existing electrical wiring. The system consists of four components: The Telkonet Gateway, Telkonet iBridge, Telkonet eXtender and Telkonet Coupler." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/556", "Certificate Number": "556", "Vendor Name": "JP Mobile, Inc.", "Module Name": "SureWave Mobile Defense Security Kernel", "Module Type": "Software", "Validation Date": "07/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp556.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/556", "detail_available": true, "module_name": "SureWave Mobile Defense Security Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SureWave Mobile Defense Security Kernel controls the cryptographic functions of various versions of the SureWave Mobile Defense 4.0 software for Palm, Pocket PC, and Symbian OS enabled devices. Although the same kernel is used in all versions of PDA Defense 4.0, it has only been tested and validated for use on the Pocket PC 2003 Premium." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/555", "Certificate Number": "555", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Cryptographic Accelerator 4000", "Module Type": "Hardware", "Validation Date": "07/07/200507/28/200509/16/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp555.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/555", "detail_available": true, "module_name": "Sun Cryptographic Accelerator 4000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/554", "Certificate Number": "554", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "06/29/200510/18/200503/29/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp554.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/554", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the Canada Post Corporations Digital Indicia Standard. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digitial metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/553", "Certificate Number": "553", "Vendor Name": "Telkonet Communications, Inc.", "Module Name": "Telkonet G3 Series Gateway", "Module Type": "Hardware", "Validation Date": "06/27/200507/07/200503/29/200608/29/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp553.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/553", "detail_available": true, "module_name": "Telkonet G3 Series Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Telkonet system uses power line communications (PLC) technology to deliver broadband internet to a building's existing electrical wiring. The system consists of four components: The Telkonet Gateway, Telkonet iBridge, Telkonet eXtender and Telkonet Coupler." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/552", "Certificate Number": "552", "Vendor Name": "Gemplus Corp.", "Module Name": "GemXpresso Pro R3 E64 PK - FIPS with DAL C3 Applet Suite", "Module Type": "Hardware", "Validation Date": "06/20/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp552.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/552", "detail_available": true, "module_name": "GemXpresso Pro R3 E64 PK - FIPS with DAL C3 Applet Suite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This module is based on a Gemplus Open OS Smart Card with a large 64K EEPROM memory, and on a cryptographic applet suite developed by Dreifus Associates LTD. Inc. The SmartCard platform has on board Triple DES and RSA algorithms and provides on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container and PKI . The module conforms to Java Card 2.1.1, Global Platform 2.0.1', and GSC-IS v2.1 standards-Card Edge Interface for VM cards, and is very well suited for US Government and Federal projects." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/551", "Certificate Number": "551", "Vendor Name": "Neopost Technologies", "Module Name": "N94i/155 SMM", "Module Type": "Hardware", "Validation Date": "06/16/200510/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp551.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/551", "detail_available": true, "module_name": "N94i/155 SMM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The N94i/155 module is a postage meter supporting accounting and cryptographic functions for secure electronic transactions. Associated to a document transport system and an inkjet printhead, the module is capable of producing up to 110 envelopes per minute." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/550", "Certificate Number": "550", "Vendor Name": "Priva Technologies, Inc.", "Module Name": "Priva Technologies Cleared IC", "Module Type": "Hardware", "Validation Date": "06/09/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp550.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/550", "detail_available": true, "module_name": "Priva Technologies Cleared IC", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "This tamper protected custom integrated circuit provides secure cryptographic and multi-factor authentication services, including encryption/decryption, secure transactions, data verification, key storage, and further key management and non-repudiation functions as part of the Priva Technologies Cleared Security Platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/549", "Certificate Number": "549", "Vendor Name": "Oberthur Card Systems", "Module Name": "ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "06/09/200509/23/200508/16/200604/30/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp549.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/549", "detail_available": true, "module_name": "ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ID-One Cosmo 64 v5 is a JavaCard cryptographic module with dual interface (ISO 7816 & ISO 14443) specifically designed for identity and government market needs. It offers a full 64K Byte of EEPROm space available for customer discretionary use, together with on card cryptographic services such as TDES, AES, Elliptic Curve and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.2 and Open Platform v2.1.1A. To protect against skimming, a built-in firewall allows application developers to disable contactless access for sensitive operations. Additional feature include On-Card fingerprint matching and Logical Channels. The ID-One Cosmo 64 v5 is available in contact only, dual interface, or contactless only formats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/548", "Certificate Number": "548", "Vendor Name": "Oberthur Card Systems", "Module Name": "ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "06/09/200509/23/200505/16/200608/16/200604/30/200710/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp548.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/548", "detail_available": true, "module_name": "ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ID-One Cosmo 64 v5 is a JavaCard cryptographic module with dual interface (ISO 7816 & ISO 14443) specifically designed for identity and government market needs. It offers a full 64K Byte of EEPROM space available for customer discretionary use, together with on card cryptographic services such as TDES, AES, Elliptic Curve and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.2 and Open Platform v2.1.1A. To protect against skimming, a built-in firewall allows application developers to disable contactless access for sensitive operations. Additional features include On- Card fingerprint matching and Logical Channels. The ID-One Cosmo 64 v5 is available in contact only, dual interface, or contactless only formats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/547", "Certificate Number": "547", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Compliant Meter Postal Security Device (CoMet PSD)", "Module Type": "Hardware", "Validation Date": "06/02/200502/24/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp547.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/547", "detail_available": true, "module_name": "Compliant Meter Postal Security Device (CoMet PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Compliant Meter Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Canada Post Corporations Digital Indicia Standard, and Deutsche Post's FrankIT New Generation Digital Franking program. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes global digital metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/546", "Certificate Number": "546", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen 204 and 208", "Module Type": "Hardware", "Validation Date": "06/02/200506/10/200512/02/200501/26/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp546.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/546", "detail_available": true, "module_name": "Juniper Networks NetScreen 204 and 208", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-204 and 208 are purpose-built internet security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/545", "Certificate Number": "545", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5400", "Module Type": "Hardware", "Validation Date": "06/02/200506/10/200512/02/200501/26/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp545.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/545", "detail_available": true, "module_name": "Juniper Networks NetScreen-5400", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5400 is a purpose-built, highperformance security system designed to deliver a new level of highperformance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5400 security system integrates firewall, DoS, DDoS protection, VPN, and traffic management functionality in lowprofile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/544", "Certificate Number": "544", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5200", "Module Type": "Hardware", "Validation Date": "06/02/200506/10/200512/02/200501/26/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp544.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/544", "detail_available": true, "module_name": "Juniper Networks NetScreen-5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5200 is a purpose-built, highperformance security system designed to deliver a new level of highperformance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5200 security system integrates firewall, DoS and DDoS protection, VPN, and traffic management functionality in lowprofile modular chassis." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/543", "Certificate Number": "543", "Vendor Name": "Utimaco® Safeware AG", "Module Name": "CryptoServer® 2000", "Module Type": "Hardware", "Validation Date": "06/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp543.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/543", "detail_available": true, "module_name": "CryptoServer® 2000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CryptoServer® 2000 is an encapsulated, highly tamper protected hardware security module which provides secure cryptographic services like encryption or decryption, hashing, signing and verifying of data, random number generation, on-board secure key generation, key storage, and further key management functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/542", "Certificate Number": "542", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder FIPS Module", "Module Type": "Software", "Validation Date": "06/02/200503/16/200608/29/200611/06/200607/20/200709/12/200704/29/200806/24/200803/06/200910/16/200910/18/201311/01/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp542.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/542", "detail_available": true, "module_name": "Security Builder FIPS Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Security Builder FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/541", "Certificate Number": "541", "Vendor Name": "AEP Networks", "Module Name": "AEP Enterprise CM", "Module Type": "Hardware", "Validation Date": "06/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp541.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/541", "detail_available": true, "module_name": "AEP Enterprise CM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The AEP Enterprise CM by AEP Networks offers the next generation security platform for managing cryptographic keys and protecting sensitive applications. The AEP Enterprise CM is a hardware security module (HSM) designed for managing mission critical applications that demand maximum security. It is ideally suited for companies that need secure key management for certification authorities, registration authorities, OCSP responders, smart card issuers, web servers and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/540", "Certificate Number": "540", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-500", "Module Type": "Hardware", "Validation Date": "06/02/200506/10/200512/02/200501/26/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp540.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/540", "detail_available": true, "module_name": "Juniper Networks NetScreen-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-500 is a purpose-built internet security appliance that provides advanced firewall, IPSec VPN, and traffic management functionality, optimized for the most demanding environments such as medium and large enterprise offices, carrier infrastructures, or service providers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/539", "Certificate Number": "539", "Vendor Name": "Juniper Networks, Inc.", "Module Name": "Juniper Networks NetScreen-5XT", "Module Type": "Hardware", "Validation Date": "06/02/200506/10/200512/02/200501/26/200606/20/200612/11/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp539.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/539", "detail_available": true, "module_name": "Juniper Networks NetScreen-5XT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Juniper Networks NetScreen-5XT is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that offers a complete security solution for telecommuters, small-sized companies and branch offices. Featuring two 10 Base-T Ethernet ports (trust and untrusted), the Juniper Networks NetScreen-5XT performs at near wirespeed, protecting the LAN from attack and providing IPSEC based VPN capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/538", "Certificate Number": "538", "Vendor Name": "Rockwell Collins, Inc.", "Module Name": "Common Crypto Circuit Card Assembly", "Module Type": "Hardware", "Validation Date": "05/10/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp538.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/538", "detail_available": true, "module_name": "Common Crypto Circuit Card Assembly", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Common Crypto Circuit Card Assembly is a module designed for use in Link 16 communication platforms. The module can be used in an external cryptographic application or embedded in an internal application. The module hosts four commercial cryptographic algorithms for data encryption/decryption. The algorithms are stored in memory. One of the four algorithms is selected for use and loaded. The module accepts up to eight keys which are externally generated and loaded. The AES algorithm operates in a FIPS-approved mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/537", "Certificate Number": "537", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp537.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/537", "detail_available": true, "module_name": "nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI family of secure e-commerce HSM's are multi-tasking hardware module that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/536", "Certificate Number": "536", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp536.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/536", "detail_available": true, "module_name": "nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When initialized to Overall Level 3 per Security Policy - Only operates in FIPS mode at Level 3", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI family of secure e-commerce HSM's are multi-tasking hardware module that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/535", "Certificate Number": "535", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nToken", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp535.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/535", "detail_available": true, "module_name": "nToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/534", "Certificate Number": "534", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nCipher 800 PCI, nForce 1600 PCI, and nForce 800 PCI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp534.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/534", "detail_available": true, "module_name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nCipher 800 PCI, nForce 1600 PCI, and nForce 800 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers.. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/533", "Certificate Number": "533", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nCipher 800 PCI, nForce 1600 PCI, and nForce 800 PCI", "Module Type": "Hardware", "Validation Date": "05/10/200506/06/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp533.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/533", "detail_available": true, "module_name": "nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nCipher 800 PCI, nForce 1600 PCI, and nForce 800 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When initialized to Overall Level 3 per Security Policy - Only operates in FIPS mode at Level 3", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/532", "Certificate Number": "532", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 PCI and nForce 300 PCI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp532.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/532", "detail_available": true, "module_name": "nForce 150 PCI and nForce 300 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/531", "Certificate Number": "531", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 SCSI and nForce 400 SCSI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp531.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/531", "detail_available": true, "module_name": "nForce 150 SCSI and nForce 400 SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/530", "Certificate Number": "530", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI and F2 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp530.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/530", "detail_available": true, "module_name": "nShield F2 SCSI and F2 Ultrasign SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/529", "Certificate Number": "529", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp529.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/529", "detail_available": true, "module_name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/528", "Certificate Number": "528", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher F3 PCI for NetHSM, nShield F3 PCI, nShield Lite, nShield F3 Ultrasign 32 PCI, nShield F3 Ultrasign PCI, payShield PCI, payShield Ultra PCI, and payShield Ultra PCI for NetHSM", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp528.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/528", "detail_available": true, "module_name": "nCipher F3 PCI for NetHSM, nShield F3 PCI, nShield Lite, nShield F3 Ultrasign 32 PCI, nShield F3 Ultrasign PCI, payShield PCI, payShield Ultra PCI, and payShield Ultra PCI for NetHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/527", "Certificate Number": "527", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher F3 PCI for NetHSM, nShield F3 PCI, nShield Lite, nShield F3 Ultrasign 32 PCI, nShield F3 Ultrasign PCI, payShield PCI, payShield Ultra PCI, and payShield Ultra PCI for NetHSM", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp527.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/527", "detail_available": true, "module_name": "nCipher F3 PCI for NetHSM, nShield F3 PCI, nShield Lite, nShield F3 Ultrasign 32 PCI, nShield F3 Ultrasign PCI, payShield PCI, payShield Ultra PCI, and payShield Ultra PCI for NetHSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When initialized to Overall Level 3 per Security Policy - Only operates in FIPS mode at Level 3", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/526", "Certificate Number": "526", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI, nShield F3 Ultrasign 32 SCSI, nShield F3 Ultrasign SCSI,\npayShield SCSI, and payShield Ultra SCSI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp526.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/526", "detail_available": true, "module_name": "nShield F3 SCSI, nShield F3 Ultrasign 32 SCSI, nShield F3 Ultrasign SCSI, payShield SCSI, and payShield Ultra SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/525", "Certificate Number": "525", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI, nShield F3 Ultrasign 32 SCSI, nShield F3 Ultrasign SCSI,\npayShield SCSI, and payShield Ultra SCSI", "Module Type": "Hardware", "Validation Date": "05/10/200503/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp525.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/525", "detail_available": true, "module_name": "nShield F3 SCSI, nShield F3 Ultrasign 32 SCSI, nShield F3 Ultrasign SCSI, payShield SCSI, and payShield Ultra SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When initialized to Overall Level 3 per Security Policy - Only operates in FIPS mode at Level 3", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/524", "Certificate Number": "524", "Vendor Name": "IBM® Corporation", "Module Name": "IBM eServer Cryptographic Coprocessor Security Module", "Module Type": "Hardware", "Validation Date": "04/27/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp524.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/524", "detail_available": true, "module_name": "IBM eServer Cryptographic Coprocessor Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The IBM eServer Cryptographic Coprocessor Security Module, is a tamperresponding, programmable, cryptograhpic PCIX card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is available for use as a feature in IBM eServer, zSeries990 and zSeries890 servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/523", "Certificate Number": "523", "Vendor Name": "Cryptek, Inc.", "Module Name": "Cryptek Common Security Module (CSM)", "Module Type": "Hardware", "Validation Date": "04/27/200506/29/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp523.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/523", "detail_available": true, "module_name": "Cryptek Common Security Module (CSM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CSM is a secure network product designed to enforce three distinct information flow policies: Mandatory Access Control (MAC), Discretionary access Control (DAC), and Packet filtering. The design can support multiple security domains on a single network infrastructure by combining cryptography and labeling technology. The Cryptek CSM hardware and firmware constitute the core technology used in the DiamondLink, DiamondVPN, DiamondPAK, DiamondSAT, DiamondUTC, CL100, CL150, CL100-F, CP102, CP104, CP106, CV100, CS101, CS102, and CT100." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/522", "Certificate Number": "522", "Vendor Name": "Voltage Security, Inc.", "Module Name": "Voltage IBE Cryptographic Module", "Module Type": "Software", "Validation Date": "04/27/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp522.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/522", "detail_available": true, "module_name": "Voltage IBE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Voltage IBE Cryptographic Module is a component of the Voltage IBE Toolkit, a set of development tools that enable any application to quickly and easily use Identity Based Encryption (IBE) to secure data. IBE uses simple strings like email or IP addresses as public keys, eliminating the need for certificates and associated management. The Voltage IBE Cryptographic Module also contains implementations of 3DES, AES, SHA- 1, and DSA. The Voltage IBE Toolkit is available for download at http://developer.voltage.com" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/521", "Certificate Number": "521", "Vendor Name": "Communication Devices, Inc.", "Module Name": "Port Authority 88", "Module Type": "Hardware", "Validation Date": "04/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp521.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/521", "detail_available": true, "module_name": "Port Authority 88", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Port Authority 88 is designed to protect firewall/router console port access. The device was designed to overcome the weaknesses of RADIUS and TACACS+ for remote access authentication. The Port Authority 88 stores its own database of up to 150 users right on board. The Port Authority 88 supports speeds up to 115.2 Kbps and has a built in V.34 internal modem. Full Triple-DES encryption is supported." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/520", "Certificate Number": "520", "Vendor Name": "Communication Devices, Inc.", "Module Name": "Port Authority 44", "Module Type": "Hardware", "Validation Date": "04/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp520.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/520", "detail_available": true, "module_name": "Port Authority 44", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Port Authority 44 is designed to protect firewall/router console port access. The device was designed to overcome the weaknesses of RADIUS and TACACS+ for remote access authentication. The Port Authority 44 stores its own database of up to 150 users right on board. The Port Authority 44 supports speeds up to 115.2 Kbps and has a built in V.34 internal modem. Full Triple-DES encryption is supported." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/519", "Certificate Number": "519", "Vendor Name": "Avaya, Inc.", "Module Name": "G350 Branch Office Media Gateway w/FIPS", "Module Type": "Hardware", "Validation Date": "04/07/200505/05/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp519.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/519", "detail_available": true, "module_name": "G350 Branch Office Media Gateway w/FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Avaya G350 Branch Office Media Gateway is a complete branch office business communications system that integrates an IP telephony gateway, an advanced IP WAN router, and a high performance LAN switch into a compact (3U) modular chassis. Ideally suited for enterprise with distributed branch office locations of 8-40 extensions, the G350 replaces the complexity and cost of managing disparate key and voice systems with a survivable networked solution that is easy to deploy and can be administered from a central location." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/518", "Certificate Number": "518", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 831 Secure Broadband Router", "Module Type": "Hardware", "Validation Date": "04/07/200505/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp518.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/518", "detail_available": true, "module_name": "Cisco 831 Secure Broadband Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Branch office networking requirements are dramatically evolving, driven by web and e-commerce applications to enhance productivity and merging the voice and data infrastructure to reduce costs. The Cisco 831 Secure Broadband Router provides a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/517", "Certificate Number": "517", "Vendor Name": "SafeNet Canada, Inc. and Cavium Networks", "Module Name": "Luna K4 Cryptographic Module / NITROX XL CN1120-NFB Acceleration Board, NITROX XL CN1010-NFB Acceleration Board, NITROX XL CN1005-NFB Acceleration Board", "Module Type": "Hardware", "Validation Date": "03/22/200512/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp517.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/517", "detail_available": true, "module_name": "Luna K4 Cryptographic Module / NITROX XL CN1120-NFB Acceleration Board, NITROX XL CN1010-NFB Acceleration Board, NITROX XL CN1005-NFB Acceleration Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet K4 Cryptographic Module is a PCI card that provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/516", "Certificate Number": "516", "Vendor Name": "SafeNet Canada, Inc. and Cavium Networks", "Module Name": "Luna K4 Cryptographic Module / NITROX XL CN1120-NFB Acceleration Board, NITROX XL CN1010-NFB Acceleration Board, NITROX XL CN1005-NFB Acceleration Board", "Module Type": "Hardware", "Validation Date": "03/22/200512/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp516.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/516", "detail_available": true, "module_name": "Luna K4 Cryptographic Module / NITROX XL CN1120-NFB Acceleration Board, NITROX XL CN1010-NFB Acceleration Board, NITROX XL CN1005-NFB Acceleration Board", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SafeNet K4 Cryptographic Module is a PCI card that provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.", "algorithms": [ "AES", "DES", "DSA", "ECDSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/515", "Certificate Number": "515", "Vendor Name": "GuardianEdge Technologies, Inc.", "Module Name": "Encryption Plus Cryptographic Library", "Module Type": "Software", "Validation Date": "03/22/200502/23/200602/24/200602/27/200611/28/200704/29/200805/08/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp515.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/515", "detail_available": true, "module_name": "Encryption Plus Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Encryption Plus Cryptographic Library is a compact and fast encryption module that provides cryptographic services to the following products: GuardianEdge Data Protection Framework, GuardianEdge Hard Disk Encryption, GuardianEdge Removable Storage Encryption, Encryption Anywhere Hard Disk, Encryption Anywhere Removable Storage, Encryption Anywhere CD-DVD, Encryption Plus Hard Disk, Encryption Plus Email, and Encryption Plus Folders." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/514", "Certificate Number": "514", "Vendor Name": "WRQ, Inc.", "Module Name": "Reflection Security Component (RSC)", "Module Type": "Software", "Validation Date": "03/15/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp514.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/514", "detail_available": true, "module_name": "Reflection Security Component (RSC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "WRQ Reflection software provides a complete range of terminal-emulation and PC X-server solutions for host access from Windows PCs. Each solution is specifically designed to boost IT efficiency and user productivity and includes full support for popular network security protocols such as Secure Shell, TLS/SSL, and Kerberos." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/513", "Certificate Number": "513", "Vendor Name": "RELM Wireless Corporation", "Module Name": "DPHx Radio with LZA0577 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "03/15/200504/20/200506/06/200501/31/200603/29/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp513.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/513", "detail_available": true, "module_name": "DPHx Radio with LZA0577 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The DPHx Radio with LZA0577 Cryptographic Module is a public safety radio that provides secure, encrypted digital communication." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/512", "Certificate Number": "512", "Vendor Name": "E.F. Johnson Co.", "Module Name": "Communication Cryptographic Library (CCL)", "Module Type": "Software", "Validation Date": "03/15/200405/05/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp512.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/512", "detail_available": true, "module_name": "Communication Cryptographic Library (CCL)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The E.F. Johnson Co. Communication Cryptographic Library (CCL) is a Microsoft Windows 2000/2003/XP and Pocket PC 2003 Dynamic Link Library that performs security related functions. The CCL is packaged as a Software Development Kit which makes available an Application Programming Interface (API) for all the security functions of the CCL. The security functions available via the APIs are: AES 128 bit, AES 192 bit, AES 256 bit, DES, DSA 1024 bit Signature Generation and Verification, HMAC, PRNG, and SHA-1. The CCL is used in the E.F. Johnson Subscriber Management Assistant key loader." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/511", "Certificate Number": "511", "Vendor Name": "Forum Systems, Inc.", "Module Name": "Forum FIA Gateway 1504G", "Module Type": "Hardware", "Validation Date": "02/28/200503/02/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp511.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/511", "detail_available": true, "module_name": "Forum FIA Gateway 1504G", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and using the nCipher 1600 PCI card (Cert. #402)", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Forum FIA Gateway provides the foundation infrastructure that drives a return on investment by enabling secure XML and Web services communications for mission critical applications. Forum FIA Gateway industry specific solutions include: government compliance, secure electronic forms, secure partner integration, secure partner collaboration, electronic notary, evidence repository as well as secure Service Oriented Architectures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/510", "Certificate Number": "510", "Vendor Name": "AEP Networks", "Module Name": "SmartGate", "Module Type": "Software", "Validation Date": "02/28/200503/02/200505/23/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp510.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/510", "detail_available": true, "module_name": "SmartGate", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SmartGate is one of the most comprehensive security products on the market. It is a virtual private network (VPN) software that provides secure encrypted channels between users outside your network and the applications and data contained within your network. Fine-grain access control ensures that authorized users are allowed access to specific applications only." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/509", "Certificate Number": "509", "Vendor Name": "Dreifus Associates Limited, Inc.", "Module Name": "DAL C32 Applet Suite on Axalto Cyberflex Access 64Kv1 Smart Card Chip", "Module Type": "Hardware", "Validation Date": "02/28/200503/23/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp509.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/509", "detail_available": true, "module_name": "DAL C32 Applet Suite on Axalto Cyberflex Access 64Kv1 Smart Card Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The DAL C3 suite of Applets on the Axalto Cyberflex 64k smart card module provides digital signature, key generation, and secure storage of data. The smart card module conforms to Java Card 2.1.1, Open Platform 2.0.1, and GSC-ISv2.1. End users can utilize the module services for network authentication, physical access, digital signature, and secure storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/508", "Certificate Number": "508", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "Module Type": "Software", "Validation Date": "02/28/200510/07/200501/04/200810/16/200809/07/201003/28/201101/24/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp508.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/508", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C Micro Edition (ME)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C Micro Edition (ME) Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/507", "Certificate Number": "507", "Vendor Name": "ALERTCO RF/RFID", "Module Name": "TIMAC Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/11/200504/07/200501/11/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp507.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/507", "detail_available": true, "module_name": "TIMAC Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The TIMAC module is a 17 pin header mounted multi-chip embedded firmware microprocessor module used to encrypt and decrypt point-to-point or point-to-multipoint serial data. The device is a FIPS 140-2 Level 3 compliant and certified, high performance device implementing the AES algorithm operating in 128 bit ECB, CBC, and CFB modes. This encryption engine can be incorporated into OEM projects and products with the addition of a simple API to their hardware, for both hardwired and wireless applications, as well as any other highly secured applications such as Government and Financial Institutions. It can be used in other data transmission applications requiring NSA approved serial data encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/506", "Certificate Number": "506", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for PCs Client (formerly SafeBoot Client)", "Module Type": "Software", "Validation Date": "01/24/200504/30/200706/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp506.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/506", "detail_available": true, "module_name": "McAfee Endpoint Encryption for PCs Client (formerly SafeBoot Client)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for PCs Client is a high performance software solution that provides sector-level encryption of a PC's hard drive in a manner that is totally transparent to the user. In addition, the centralized McAfee Endpoint Encryption management system provides robust recovery tools, administration, and implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/505", "Certificate Number": "505", "Vendor Name": "Meganet Corporation", "Module Name": "VME Crypto Engine", "Module Type": "Software", "Validation Date": "01/24/200502/04/200505/04/200512/07/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp505.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/505", "detail_available": true, "module_name": "VME Crypto Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated with the Microsoft® Base Cryptographic Provider validated to FIPS 140-1 under Certificate #238 operating in FIPS mode for the operating systems specified", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "VME Crypto Engine is a suite of tools that make data encryption and decryption easy and reliable. VME Crypto Engine also provides tools that allow you to encrypt and decrypt email messages, chat sessions, files transmitted ftp, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/504", "Certificate Number": "504", "Vendor Name": "Thales e-Security Inc.", "Module Name": "DC2K Security Module", "Module Type": "Hardware", "Validation Date": "01/24/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp504.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/504", "detail_available": true, "module_name": "DC2K Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DC2K Security Module is a multiple-chip embedded cryptographic module installed in the Datacryptor® 2000 that secures communications using signed Diffie-Hellman key exchange and Triple-DES or AES encryption over point-to-point links, X.25, Frame Relay, and IP networks. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/503", "Certificate Number": "503", "Vendor Name": "Thales e-Security Inc.", "Module Name": "DCAP Security Module", "Module Type": "Hardware", "Validation Date": "01/24/200503/14/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp503.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/503", "detail_available": true, "module_name": "DCAP Security Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DCAP Security Module is a multiple-chip embedded cryptographic module installed in the Datacryptor® Advanced Performance Cryptographic Module (known as the Datacryptor® AP). It secures communications using signed Diffie-Hellman key exchange and Triple- DES or AES encryption over IP networks. It provides data encryption rates of up to 100 Megabits per second (Mbps). The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/502", "Certificate Number": "502", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-525A, 3e-525N and 3e-519 Wireless Gateway", "Module Type": "Hardware", "Validation Date": "01/18/200510/31/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp502.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/502", "detail_available": true, "module_name": "3e-525A, 3e-525N and 3e-519 Wireless Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "A problem of increasing concern in the deployment of Wireless LANs throughout enterprise environments is security. 3e Technologies International meets this need by providing a secure, accessible, highperformance WLAN end-to-end solution, through its family of Secure Wireless Gateway/Access Points and Secure Client solutions. The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wire." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/501", "Certificate Number": "501", "Vendor Name": "Dreifus Associates Limited, Inc.", "Module Name": "DAL C3 Applet Suite on Axalto Cyberflex Access 64Kv1 Smart Card Chip", "Module Type": "Hardware", "Validation Date": "01/18/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp501.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/501", "detail_available": true, "module_name": "DAL C3 Applet Suite on Axalto Cyberflex Access 64Kv1 Smart Card Chip", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The DAL C3 suite of Applets on the Axalto Cyberflex 64k smart card module provides digital signature, key generation, and secure storage of data. The smart card module conforms to Java Card 2.1.1, Open Platform 2.0.1, and GSC-ISv2.1. End users can utilize the module services for network authentication, physical access, digital signature, and secure storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/500", "Certificate Number": "500", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "01/18/200501/31/200503/11/200506/30/200508/24/200509/09/200510/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp500.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/500", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/499", "Certificate Number": "499", "Vendor Name": "E.F. Johnson Co.", "Module Name": "Subscriber Encryption Module (SEM)", "Module Type": "Hardware", "Validation Date": "01/18/200505/05/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp499.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/499", "detail_available": true, "module_name": "Subscriber Encryption Module (SEM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The E.F. Johnson Subscriber Encryption Module (SEM) is a cryptographic module meeting FIPS 140-2, Level 1 requirements. The SEM provides Subscriber Equipment, such as the E.F. Johnson 5100 series radio with secure encrypted voice communication. The SEM supports AES OTAR, AES, DES, DSA, and SHA-1 FIPS Approved algorithms for voice communication and protection of its firmware. The SEM can be implemented into any Subscriber Equipment requiring FIPS 140-2, Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/498", "Certificate Number": "498", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Compliant Meter Postal Security Device (CoMet PSD)", "Module Type": "Hardware", "Validation Date": "01/18/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp498.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/498", "detail_available": true, "module_name": "Compliant Meter Postal Security Device (CoMet PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Compliant Meter Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP) and with the Canada Post Corporation’s Digital Meter Indicia Specification 3457. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products. The PSD is a secure module employed within the metering product which performs high-speed cryptographic functions, funds management, and printer administration functions that preclude unauthorized disbursing of indicia. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/497", "Certificate Number": "497", "Vendor Name": "IBM® Corporation", "Module Name": "IBM Java JCE 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "01/07/200501/11/200509/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp497.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/497", "detail_available": true, "module_name": "IBM Java JCE 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for Multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework that is part of all JVM's at the 1.4.0 level and higher." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/496", "Certificate Number": "496", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Enterprise Server™ Cryptographic Kernel", "Module Type": "Software", "Validation Date": "01/07/200501/11/200508/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp496.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/496", "detail_available": true, "module_name": "BlackBerry Enterprise Server™ Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/495", "Certificate Number": "495", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Thales Datacryptor Gigabit", "Module Type": "Hardware", "Validation Date": "01/07/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp495.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/495", "detail_available": true, "module_name": "Thales Datacryptor Gigabit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor Gigabit is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Datacryptor Gigabit has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it. Fully compatible with existing IP networks, the Datacryptor Gigabit can be seamlessly deployed into Gigabit Ethernet environments, including IP siteto-site VPNs and storage over IP networks. Its high-speed AES and 3DES IPSec processing eliminates bottlenecks while providing data authentication, confidentiality, and integrity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/494", "Certificate Number": "494", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® Cryptographic Library", "Module Type": "Software", "Validation Date": "12/22/200402/03/200512/20/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp494.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/494", "detail_available": true, "module_name": "F-Secure® Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure® Cryptographic Library™ is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The Windows and Solaris versions are designed and implemented to meet the Level 2 requirements of FIPS publication 140-2 when running on an appropriate hardware under Windows 2000, Solaris 8 and Trusted Solaris 8 operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/493", "Certificate Number": "493", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® Cryptographic Library", "Module Type": "Software", "Validation Date": "12/22/200402/03/200512/22/200507/10/200612/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp493.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/493", "detail_available": true, "module_name": "F-Secure® Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure® Cryptographic Library™ is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The modules are designed and implemented to meet the Level 1 requirements of FIPS publication 140-2 when running on a GPC under various popular versions of Windows and Unix operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/492", "Certificate Number": "492", "Vendor Name": "ITServ Inc.", "Module Name": "RideWay Station", "Module Type": "Hardware", "Validation Date": "12/22/200401/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp492.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/492", "detail_available": true, "module_name": "RideWay Station", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "RideWay Station FGC integrates powerful firewall protection and VPN capabilities to safeguard computer networks from the threat of Internet attacks and intrusions. Each computer or server on the LAN must follow a strict authorization procedure in order to gain access to the network. In addition, the module uses Triple-DES encryption in its IPSec VPN to allow multiple offices to securely communicate over the Internet or to allow a remote client to securely connect to its office network. The highperforming hardware efficiently conducts encryption and decryption tasks without sacrificing throughput." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/491", "Certificate Number": "491", "Vendor Name": "Aruba Networks, Inc.", "Module Name": "Aruba 5000/6000 WLAN Switch with AirOS Software", "Module Type": "Hardware", "Validation Date": "12/22/200401/07/200512/22/200503/14/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp491.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/491", "detail_available": true, "module_name": "Aruba 5000/6000 WLAN Switch with AirOS Software", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Aruba Wireless Networks’ FIPS validated WLAN switching platform is a purpose-built Wireless LAN voice and data switching solution designed to specifically address the needs and reduce the cost of large scale WiFi network deployments for Government and large enterprise. Aruba’s WLAN switching platform is a highly scalable and redundant solution that provides centralized intelligence to secure and manage the corporate RF environment, enforce identity based user security and policies, enable service creation and provide secure mobility management to hundreds of simultaneously connected users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/490", "Certificate Number": "490", "Vendor Name": "Focus Systems Corporation", "Module Name": "C4CS", "Module Type": "Software", "Validation Date": "12/22/200402/25/200508/21/200808/03/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp490.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/490", "detail_available": true, "module_name": "C4CS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "C4CS is a software cryptographic module providing symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/489", "Certificate Number": "489", "Vendor Name": "Bluesocket, Inc.", "Module Name": "Bluesocket WG-2100 Wireless Gateway", "Module Type": "Hardware", "Validation Date": "12/10/200408/30/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp489.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/489", "detail_available": true, "module_name": "Bluesocket WG-2100 Wireless Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Bluesocket WG-2100 Wireless Gateway provides a scalable solution with security, quality of service (QoS), Mobility, Role/Policy Enforcement and Management for today's highly-secure 802.11 Government wireless networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/488", "Certificate Number": "488", "Vendor Name": "E.F. Johnson Co.", "Module Name": "EFJohnson Encryption Module", "Module Type": "Software", "Validation Date": "12/10/200405/05/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp488.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/488", "detail_available": true, "module_name": "EFJohnson Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The EFJohnson Encryption Module is a software cryptographic module that serves both as a key store and a cryptographic service provider. The module is accessible through an API, and provides an easy-to-use yet secure means of storing sensitive cryptographic keys. The Encryption Module meets level 1 FIPS 140-2 requirements and achieves level 2 in the \"Roles, Services, and Authentication\" and \"Operation Environment\" sections of FIPS 140-2." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/487", "Certificate Number": "487", "Vendor Name": "Kasten Chase Applied Research, Ltd.", "Module Name": "Kasten Chase Cryptographic Engine", "Module Type": "Software", "Validation Date": "12/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp487.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/487", "detail_available": true, "module_name": "Kasten Chase Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/486", "Certificate Number": "486", "Vendor Name": "Kasten Chase Applied Research, Ltd.", "Module Name": "Kasten Chase Cryptographic Engine", "Module Type": "Software", "Validation Date": "12/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp486.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/486", "detail_available": true, "module_name": "Kasten Chase Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/485", "Certificate Number": "485", "Vendor Name": "Giesecke & Devrient", "Module Name": "Sm@rtCafé Expert FIPS 64", "Module Type": "Hardware", "Validation Date": "12/10/200404/04/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp485.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/485", "detail_available": true, "module_name": "Sm@rtCafé Expert FIPS 64", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/484", "Certificate Number": "484", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 330G3 Smart Card", "Module Type": "Hardware", "Validation Date": "12/10/200402/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp484.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/484", "detail_available": true, "module_name": "Model 330G3 Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The 330G3 is a biometrically-enabled ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for strong user authentication and single sign on when integrated with SAFENET Axis software. The card supports creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials; Strong authentication of the cardholder using fingerprint biometrics; Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/483", "Certificate Number": "483", "Vendor Name": "Symantec Corporation", "Module Name": "Symantec Cryptographic Module", "Module Type": "Software", "Validation Date": "12/10/200407/27/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp483.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/483", "detail_available": true, "module_name": "Symantec Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Symantec Cryptographic Module is a software library that contains FIPS-approved cryptographic algorithms. This module provides encryption functionality for selected Symantec products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/482", "Certificate Number": "482", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Cygnus X-1 Postal Security Device", "Module Type": "Hardware", "Validation Date": "12/10/200402/03/200503/14/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp482.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/482", "detail_available": true, "module_name": "Cygnus X-1 Postal Security Device", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Cygnus X-1 Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP) and with the Canada Post Corporation's Digital Meter Indicia Specification 3457. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/481", "Certificate Number": "481", "Vendor Name": "Realia Technologies S.L.", "Module Name": "Cryptosec 2048", "Module Type": "Hardware", "Validation Date": "12/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp481.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/481", "detail_available": true, "module_name": "Cryptosec 2048", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Cryptosec 2048 is a high-end PCI cryprographic accelerator card that provides cryptographic services and secure storage of cryptographic keys. The module is built to perform general cryptographic processing (RSA, DES, SHA-1, MD5,...) and features a tamper-protective case to physically protect sensitive information contained within the card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/480", "Certificate Number": "480", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Variable Loader (KVL) 3000 Plus", "Module Type": "Hardware", "Validation Date": "12/10/200402/25/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp480.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/480", "detail_available": true, "module_name": "Key Variable Loader (KVL) 3000 Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/479", "Certificate Number": "479", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Authority™ Security Toolkit for Java™", "Module Type": "Software", "Validation Date": "11/16/200405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp479.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/479", "detail_available": true, "module_name": "Entrust Authority™ Security Toolkit for Java™", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Authority Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms. By minimizing the need for separate administration modules with every deployed application, these Toolkits provide a reduction in administrative duplication and help to reduce the cost to deploy across multiple platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/478", "Certificate Number": "478", "Vendor Name": "Carrier Access Corporation (a wholly owned subsidiary of Force10 Networks, Inc.) and Team F1", "Module Name": "Broadmore/SSHield Management Module", "Module Type": "Software", "Validation Date": "11/08/200412/01/200402/24/200512/22/200503/07/200803/19/200809/18/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp478.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/478", "detail_available": true, "module_name": "Broadmore/SSHield Management Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "The Broadmore family of products offer a unique economical means of provisioning, grooming, and routing TDM DS3, DS1, E3, E1 services and mixed-speed serial data to logical ATM connections. The Broadmore/SSHield Management Module controls the Broadmore configuration parameters using SSHield, an implementation of the IETF SECSH protocol, which provides an authenticated, encrypted data communications channel for secure management. More information can also be found on www.teamf1.com and www.carrieraccess.com." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/477", "Certificate Number": "477", "Vendor Name": "Secure Systems Limited", "Module Name": "Silicon Data Vault® (SDV®)", "Module Type": "Hardware", "Validation Date": "11/04/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp477.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/477", "detail_available": true, "module_name": "Silicon Data Vault® (SDV®)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Silicon Data Vault® (SDV®) is a cryptographic hardware security device which asserts absolute control over the hard disk drive (HDD) at the earliest stage of boot up, ensuring the user is authenticated before any data can be accessed. The SDV® is operating system independent, works with any standard ATA HDD, and resides in the IDE channel, blocking and controlling all access to the HDD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/476", "Certificate Number": "476", "Vendor Name": "Prism Payment Technologies (Pty) Ltd.", "Module Name": "Incognito TSM410", "Module Type": "Hardware", "Validation Date": "11/04/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp476.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/476", "detail_available": true, "module_name": "Incognito TSM410", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Incognito TSM410 is a multi-chip embedded Tamper Responsive Security Module. Fitted on a PCI carrier card, the device offers highperformace, high-security services targeted at EFT switches and mCommerce applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/475", "Certificate Number": "475", "Vendor Name": "Trust Digital, Inc.", "Module Name": "Trust Digital Crypto Library Cryptographic Module", "Module Type": "Software", "Validation Date": "11/02/200403/02/200507/29/200509/21/200510/26/200611/06/200602/21/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp475.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/475", "detail_available": true, "module_name": "Trust Digital Crypto Library Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Trust Digital’s Cryptographic Module is a 32-bit Windows library compatible with Palm, Pocket PC, RIM, Symbian and other related operating systems. This module provides cryptographic services accessible from software programs written in C/C++ through Application Program Interfaces (APIs). The DLL (dynamically linked library) format of this module allows it to be embedded in existing applications targeted for Palm, Pocket PC, RIM and Symbian operating systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/474", "Certificate Number": "474", "Vendor Name": "L-3 Communications Government Services, Inc.", "Module Name": "Hand Held Monitor Module (HHM)", "Module Type": "Hardware", "Validation Date": "10/22/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp474.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/474", "detail_available": true, "module_name": "Hand Held Monitor Module (HHM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Hand Held Monitor Module (HHM) device is a component of the Tactical Automated Security System (TASS). The HHM is used to detect, monitor, and access intrusions in secured areas. The HHM works in conjunction with the Communications Module (CM), which receives, and forwards intrusion alerts to the HHM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/473", "Certificate Number": "473", "Vendor Name": "L-3 Communications Government Services, Inc.", "Module Name": "Communications Module (CM)", "Module Type": "Hardware", "Validation Date": "10/22/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp473.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/473", "detail_available": true, "module_name": "Communications Module (CM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Communications Module (CM) device is a component of the Tactical Automated Security System (TASS). The Communications Module (CM) works in conjunction with the HHM to receive and forward intrusion alerts." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/472", "Certificate Number": "472", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "10/22/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp472.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/472", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/471", "Certificate Number": "471", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet HighAssurance 4000 Gateway", "Module Type": "Hardware", "Validation Date": "10/22/200405/04/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp471.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/471", "detail_available": true, "module_name": "SafeNet HighAssurance 4000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet HighAssurance 4000 Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSEC encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it. With the implementation of firmware version 2.2, the SafeNet HA 4000 can now be set-up and configured with the Safe Enterprise Security Management Center (SMC)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/470", "Certificate Number": "470", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics SG100 and CipherOptics SG1002", "Module Type": "Hardware", "Validation Date": "10/22/200406/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp470.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/470", "detail_available": true, "module_name": "CipherOptics SG100 and CipherOptics SG1002", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics SG100 and SG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/469", "Certificate Number": "469", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics SG1001", "Module Type": "Hardware", "Validation Date": "10/22/200406/14/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp469.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/469", "detail_available": true, "module_name": "CipherOptics SG1001", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics Security Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/468", "Certificate Number": "468", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-300, FortiGate-400, FortiGate-500 and FortiGate-800", "Module Type": "Hardware", "Validation Date": "10/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp468.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/468", "detail_available": true, "module_name": "FortiGate-300, FortiGate-400, FortiGate-500 and FortiGate-800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/467", "Certificate Number": "467", "Vendor Name": "Fortinet, Inc.", "Module Name": "FortiGate-3000 and FortiGate-3600", "Module Type": "Hardware", "Validation Date": "10/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp467.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/467", "detail_available": true, "module_name": "FortiGate-3000 and FortiGate-3600", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/466", "Certificate Number": "466", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "FrankIT Postal Revenector", "Module Type": "Hardware", "Validation Date": "10/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp466.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/466", "detail_available": true, "module_name": "FrankIT Postal Revenector", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia FrankIT Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The FrankIT Postal Revenector has been designed in compliance with the Deutsche Post AG (DPAG), FrankIT Specification." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/465", "Certificate Number": "465", "Vendor Name": "D'Crypt Private Limited", "Module Name": "d'Cryptor QE Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/18/200406/06/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp465.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/465", "detail_available": true, "module_name": "d'Cryptor QE Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The d'Cryptor QE is a programmable cryptographic coprocessor designed for high security assurance applications and features in the d'Cryptor line of products such as d'Cryptor XE, d'Cryptor HSM and TelePort. It contains a secure high-performance cryptographic core that comprises a CPU, Flash ROMs, NVRAM, UTC clock, firmware and a host of useful and cryptographic APIs. The QE provides strong physical security through an opaque, hard epoxy potting and a tamper response mesh that zeroizes all keys in event of tamper. Application loading is authenticated using an approved digital signature scheme." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/464", "Certificate Number": "464", "Vendor Name": "Nortel Networks", "Module Name": "Contivity 1700, 2700 and 5000 Secure IP Services Gateways", "Module Type": "Hardware", "Validation Date": "10/18/200401/06/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp464.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/464", "detail_available": true, "module_name": "Contivity 1700, 2700 and 5000 Secure IP Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant Contivity 1700, 2700 and 5000 Secure IP Services Gateways are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The Contivity 1700, 2700 and 5000 provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/463", "Certificate Number": "463", "Vendor Name": "VIACK Corporation", "Module Name": "VIA3 VkCrypt Cryptographic Module", "Module Type": "Software", "Validation Date": "09/20/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp463.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/463", "detail_available": true, "module_name": "VIA3 VkCrypt Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The VIA3 VkCrypt Cryptographic Module is a software cryptographic module that implements symmetric and public key encryption, digital signatures, and hashing for VIA3 E-meeting products. VIA3 is a secure and confidential E-meeting solution integrating live audio and video, instant messaging, and real-time information sharing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/462", "Certificate Number": "462", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-521NP, 3e-522FIPS, 3e-530NP and 3e-531AP Wireless Gateways", "Module Type": "Hardware", "Validation Date": "09/20/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp462.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/462", "detail_available": true, "module_name": "3e-521NP, 3e-522FIPS, 3e-530NP and 3e-531AP Wireless Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wireless LAN, NAT routing from the wired uplink LAN to the wireless LAN, and DHCP service to the local LAN allowing a wired local LAN to exist over the local wireless LAN interface. The cryptographic suite is implemented in an innovative manner so that critical performance is not sacrificed in providing a rugged FIPS 140-2 Level 2 secure wireless solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/461", "Certificate Number": "461", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "VPN Firewall Brick® 350, Brick® 1000 and Brick® 1100 with Encryption Accelerator Cards", "Module Type": "Hardware", "Validation Date": "09/08/200402/03/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp461.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/461", "detail_available": true, "module_name": "VPN Firewall Brick® 350, Brick® 1000 and Brick® 1100 with Encryption Accelerator Cards", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/460", "Certificate Number": "460", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "VPN Firewall Brick® 350 and Brick® 1000", "Module Type": "Hardware", "Validation Date": "09/08/200402/03/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp460.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/460", "detail_available": true, "module_name": "VPN Firewall Brick® 350 and Brick® 1000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/459", "Certificate Number": "459", "Vendor Name": "Backbone Security.com, Inc.", "Module Name": "Ribcage 1100 and Ribcage 2800", "Module Type": "Hardware", "Validation Date": "09/08/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp459.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/459", "detail_available": true, "module_name": "Ribcage 1100 and Ribcage 2800", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Ribcage is a secure IPSec Virtual Private Network that provides secure connectivity deployed on a shared infrastructure with the same privacy and performance as a leased network. Ribcage is a solution that is flexible as both a secure virtual private network and as a remote access, with straightforward administration tools that allow rapid set-up and administration remotely or locally." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/458", "Certificate Number": "458", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL TZ 170", "Module Type": "Hardware", "Validation Date": "09/08/200402/24/200505/17/200604/25/200704/21/201506/08/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp458.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/458", "detail_available": true, "module_name": "SonicWALL TZ 170", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SonicWALL TZ 170 is an internet security appliance with a WAN interface, a flexible Optional interface, and a LAN interface incorporating a 5-port Fast-Ethernet switch. The SonicWALL TZ 170 provides stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and can be upgraded to offer ISP failover and traffic loadbalancing. The SonicWALL TZ 170 also serves as a platform for extensible security services such as Content Filtering Services (CFS), Network Anti - Virus, and E-mail filtering." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/457", "Certificate Number": "457", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Cryptographic Accelerator 4000", "Module Type": "Hardware", "Validation Date": "08/12/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp457.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/457", "detail_available": true, "module_name": "Sun Cryptographic Accelerator 4000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. The SCA 4000 meets or exceeds all FIPS 140-2 Level 3 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/456", "Certificate Number": "456", "Vendor Name": "Giesecke & Devrient", "Module Name": "Sm@rtCafé Expert FIPS 64 with ActivCard Applet v2", "Module Type": "Hardware", "Validation Date": "08/11/200409/07/200504/04/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp456.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/456", "detail_available": true, "module_name": "Sm@rtCafé Expert FIPS 64 with ActivCard Applet v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/455", "Certificate Number": "455", "Vendor Name": "SonicWall, Inc.", "Module Name": "SonicWALL PRO 3060/4060", "Module Type": "Hardware", "Validation Date": "08/11/200402/24/200505/17/200605/31/200604/25/200704/21/201506/08/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp455.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/455", "detail_available": true, "module_name": "SonicWALL PRO 3060/4060", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SonicWALL PRO 4060 and PRO 3060 are internet security appliances offering stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and dual-WAN port support with ISP failover and load-balancing capabilities, all via six configurable 10/100 Ethernet interfaces." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/454", "Certificate Number": "454", "Vendor Name": "iDirect", "Module Name": "Protocol Processor", "Module Type": "Hardware", "Validation Date": "08/02/200412/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp454.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/454", "detail_available": true, "module_name": "Protocol Processor", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The Protocol Processor is the central component of iDirect’s TDMA star network product and is responsible for network wide functions such as: TCP acceleration, QoS, 3DES encryption, TDMA management and dynamic time slot allocation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/453", "Certificate Number": "453", "Vendor Name": "iDirect", "Module Name": "NetModem II Plus", "Module Type": "Hardware", "Validation Date": "07/28/200412/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp453.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/453", "detail_available": true, "module_name": "NetModem II Plus", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The iDirect NetModem II Plus broadband router is a compact, set-top terminal that routes IP traffic over satellite networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/452", "Certificate Number": "452", "Vendor Name": "Credant Technologies Corporation", "Module Name": "Credant Cryptographic Kernel", "Module Type": "Software", "Validation Date": "07/28/200409/21/200409/24/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp452.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/452", "detail_available": true, "module_name": "Credant Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Credant Cryptographic Kernel is a FIPS 140-2 compliant, software-based cryptography library that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1 algorithms for the Credant Mobile Guardian product. Credant Mobile Guardian enables enterprise-wide control of security for mobile and wireless users of laptops, tablet PCs, PDAs and smart phones." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/451", "Certificate Number": "451", "Vendor Name": "Good Technology, Inc.", "Module Name": "FIPSCrypto", "Module Type": "Software", "Validation Date": "07/28/200401/11/200704/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp451.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/451", "detail_available": true, "module_name": "FIPSCrypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Good FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements the Triple-DES; AES; SHA-1; HMAC-SHA-1 algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/450", "Certificate Number": "450", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Nokia VPN Appliance", "Module Type": "Hardware", "Validation Date": "07/28/200407/28/200509/21/200611/06/200605/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp450.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/450", "detail_available": true, "module_name": "Nokia VPN Appliance", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Nokia IP350, IP355, IP380 and IP385 are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1/FW-1, these platforms provide reliable, easy to manage distributed security and access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/449", "Certificate Number": "449", "Vendor Name": "Oberthur Card Systems", "Module Name": "ID-One Cosmo 64 v5", "Module Type": "Hardware", "Validation Date": "07/28/200402/25/200503/01/200506/29/200509/23/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp449.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/449", "detail_available": true, "module_name": "ID-One Cosmo 64 v5", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ID-One Cosmo 64 v5 is a JavaCard cryptographic module with dual interface (ISO 7816 & ISO 14443) specifically designed for identity and government needs. It offers a full 64K Byte of EEPROM space available for customer discretionary use, together with on card cryptographic services such as TDES, AES, and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.2 and Open Platform v2.1.1A. To protect against skimming, a built-in firewall allows application developers to disable contactless access for sensitive operations. Additional features include On-Card fingerprint matching and Logical Channels. The ID-One Cosmo 64 v5 is available in contact only, dual interface, or contactless only formats." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/448", "Certificate Number": "448", "Vendor Name": "Chunghwa Telecom Co., Ltd.", "Module Name": "SafGuard 200 HSM", "Module Type": "Hardware", "Validation Date": "06/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp448.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/448", "detail_available": true, "module_name": "SafGuard 200 HSM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SafGuard200 is a multi-chip standalone cryptographic module that is used to provide highly-secure cryptographic services and key storage for PKI applications. (e.g., secure private key storage, high-speed math accelerator for 1024-4096 bit public key signatures, and hashing). The SafGuard 200 HSM provides secure identity-based challenge-response authentication using smart cards and data encryption using FIPS approved 3DES and AES encryption.", "algorithms": [ "AES", "DES", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/447", "Certificate Number": "447", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle Cryptographic Libraries for SSL 10g (9.0.4)", "Module Type": "Software", "Validation Date": "06/30/200408/06/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp447.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/447", "detail_available": true, "module_name": "Oracle Cryptographic Libraries for SSL 10g (9.0.4)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Oracle Cryptographic Libraries for SSL 10g (9.0.4) is a generic module used by Oracle Corporation in a variety of its application suites. The module is used to provide support to cryptography, authentication, PKCS and certificate management for applications like the Oracle Database Server, Oracle Applications Server, Oracle Internet Directory, Web Cache and Oracle HTTP Server. It provides a rich set of functionality and uses PKCS wallet structures for managing identities and trustpoints." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/446", "Certificate Number": "446", "Vendor Name": "3Com Corporation", "Module Name": "3Com 10/100 Secure NIC (3CR990B-97) and 3Com 100 Secure Fiber NIC (3CR990B-FX-97)", "Module Type": "Hardware", "Validation Date": "06/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp446.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/446", "detail_available": true, "module_name": "3Com 10/100 Secure NIC (3CR990B-97) and 3Com 100 Secure Fiber NIC (3CR990B-FX-97)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "3Com® 10/100 Secure NICs offers IPSec and TCP/IP offloading, upgradability to the embedded firewall technology while also offering advanced intrusion resistance to protect your LAN, without sacrificing throughput performance. In addition, the NICs incorporate advanced server features and remote management capabilities to accelerate application response and lower IT administration time." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/445", "Certificate Number": "445", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry® Enterprise Server Cryptographic Kernel", "Module Type": "Software", "Validation Date": "06/30/200408/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp445.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/445", "detail_available": true, "module_name": "BlackBerry® Enterprise Server Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with FIPS validated Microsoft® Base Cryptographic Providers Certificates #76 or #103 operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete endtoend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/444", "Certificate Number": "444", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 330G2 Smart Card", "Module Type": "Hardware", "Validation Date": "06/30/200402/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp444.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/444", "detail_available": true, "module_name": "Model 330G2 Smart Card", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The 330G2 is an ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials. Authentication of the cardholder and the security officer. Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/443", "Certificate Number": "443", "Vendor Name": "ActivCard, Inc.", "Module Name": "ActivCard Digital Identity Applet Suite v1.1.5 on Cyberflex Access 64k v2", "Module Type": "Hardware", "Validation Date": "06/23/200405/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp443.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/443", "detail_available": true, "module_name": "ActivCard Digital Identity Applet Suite v1.1.5 on Cyberflex Access 64k v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "ActivCard Digital Identity Applet Suite v1.1.5 on Cyberflex Access 64k v2 provides the following services: - Card Holder verification using PIN - Secure storage of data and private information - RSA based Digital Signature (1024 and 2048 bits) - DES/TDES based One Time Password (OTP) generation" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/442", "Certificate Number": "442", "Vendor Name": "Vormetric, Inc.", "Module Name": "CoreGuard Security Server", "Module Type": "Hardware", "Validation Date": "06/16/200407/27/200401/27/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp442.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/442", "detail_available": true, "module_name": "CoreGuard Security Server", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Vormetric CoreGuard Security Server is a comprehensive security solution that combines protection of data at rest, application integrity and host protection. CoreGuard integrates a software module loaded on a server, and a FIPS compliant appliance with user-defined security policies allowing fine-grain data access control and selective encryption of data at rest (AES 128/256 and 3DES), application digital signatures, enforced user authentication, host protection and central management. CoreGuard installs transparently and does not require changes to applications, databases or storage architectures allowing the security to extend to any data across the enterprise." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/441", "Certificate Number": "441", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® and Pointsec® Windows Mobile Cryptographic Library", "Module Type": "Software", "Validation Date": "06/16/200405/20/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp441.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/441", "detail_available": true, "module_name": "F-Secure® and Pointsec® Windows Mobile Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Windows Mobile 2003 and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a Clanguage Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/440", "Certificate Number": "440", "Vendor Name": "Proofpoint Inc.", "Module Name": "Proofpoint Security Library", "Module Type": "Software", "Validation Date": "06/16/200411/06/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp440.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/440", "detail_available": true, "module_name": "Proofpoint Security Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module is a JAVA language cryptographic component to be used by the various Proofpoint security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides variety of cryptographic services (both approved as well as non-approved). The module can be executed on any general-purpose PC and operating system capable of running JRE 1.4 or later." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/439", "Certificate Number": "439", "Vendor Name": "Decru, A NetApp Company", "Module Name": "Decru DataFort SEP", "Module Type": "Hardware", "Validation Date": "06/16/200406/21/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp439.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/439", "detail_available": true, "module_name": "Decru DataFort SEP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/438", "Certificate Number": "438", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "2621XM and 2651XM Modular Access Routers with AIM-VPN/EP", "Module Type": "Hardware", "Validation Date": "06/16/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp438.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/438", "detail_available": true, "module_name": "2621XM and 2651XM Modular Access Routers with AIM-VPN/EP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/437", "Certificate Number": "437", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® Cryptographic Library™ for Windows", "Module Type": "Software", "Validation Date": "06/16/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp437.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/437", "detail_available": true, "module_name": "F-Secure® Cryptographic Library™ for Windows", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Cryptographic Library for Windows (the Module) is a software module, implemented as a 32-bit Windows 'NT/2000/XP/98/ME' compatible DLL (FSCLM.DLL). The Module provides an assortment of cryptographic services to any client process that attaches an instance of the Module DLL. The Module is designed and implemented to meet the level 1 requirements of FIPS publication 140-2 when running on appropriate hardware under Windows 98, ME or XP operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/436", "Certificate Number": "436", "Vendor Name": "SafeNet, Inc.", "Module Name": "Chrysalis-ITS K3 Cryptographic Engine", "Module Type": "Hardware", "Validation Date": "06/10/200410/18/200412/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp436.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/436", "detail_available": true, "module_name": "Chrysalis-ITS K3 Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The K3 Chrysalis-ITS Cryptographic Engine is a hardware cryptographic module in the form of a PCI card that resides within a secured generalpurpose computing appliance. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/435", "Certificate Number": "435", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptors NRZ - H[1], NRZ - L[2], T1[3], E1 75ohm[4], E1 120ohm[5], RS-232[6], T3[7] and HSSI[8]", "Module Type": "Hardware", "Validation Date": "05/28/200406/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp435.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/435", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptors NRZ - H[1], NRZ - L[2], T1[3], E1 75ohm[4], E1 120ohm[5], RS-232[6], T3[7] and HSSI[8]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter x designation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet™ SafeEnterprise™ Link Encryptor's (SLE's) secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 8 Mbps, and employs FIPS approved AES or Triple-DES algorithms. The SLE can be locally controlled or managed using the SafeNet™ SafeEnterprise™ Security Management Center (SMC), an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/434", "Certificate Number": "434", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust TruePass™ Applet Cryptographic Module", "Module Type": "Software", "Validation Date": "05/27/200405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp434.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/434", "detail_available": true, "module_name": "Entrust TruePass™ Applet Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with FIPS validated browser services operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module performs low level cryptographic operations - encryption, decryption and hashes - implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/433", "Certificate Number": "433", "Vendor Name": "Enterasys Networks", "Module Name": "XSR-1805, XSR-1850 and XSR-3250", "Module Type": "Hardware", "Validation Date": "05/26/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp433.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/433", "detail_available": true, "module_name": "XSR-1805, XSR-1850 and XSR-3250", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Enterasys Networks X-Pedition Security Routers (XSR), the XSR-1805, XSR-1850, and XSR-3250 modules are networking devices that combine a broad range of IP routing features, a broad range of WAN interfaces and a rich suite of network security functions, including site-to-site and remote access VPN connectivity and policy managed, stateful-inspection firewall functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/432", "Certificate Number": "432", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco 3220 and 3251 Mobile Access Router Cards", "Module Type": "Hardware", "Validation Date": "05/26/200410/01/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp432.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/432", "detail_available": true, "module_name": "Cisco 3220 and 3251 Mobile Access Router Cards", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module is a high-performance router card, which offers secure data, voice and video communications, seamless mobility and interoperability across multiple wireless networks. The unique functionality of this router card is that always on IP connectivity for networks in motion. This allows IP hosts on a mobile network to connect transparently to the parent network while the router is in motion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/431", "Certificate Number": "431", "Vendor Name": "Gemplus Corp.", "Module Name": "GemXpresso Pro R3 E64 PK - FIPS", "Module Type": "Hardware", "Validation Date": "05/26/200407/27/200408/05/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp431.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/431", "detail_available": true, "module_name": "GemXpresso Pro R3 E64 PK - FIPS", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "GemXpresso Pro R3 E64 PK - FIPS is based on a Gemplus Open OS Smart Card with 64K of EEPROM.. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. The module conforms to Java Card V2.1.1 and Global Platform V2.0.1 standards" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/430", "Certificate Number": "430", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Frame Encryptor II[1] and SafeEnterprise™ Frame Encryptor HSSI[2]", "Module Type": "Hardware", "Validation Date": "05/26/200406/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp430.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/430", "detail_available": true, "module_name": "SafeEnterprise™ Frame Encryptor II[1] and SafeEnterprise™ Frame Encryptor HSSI[2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter (i and x) designations", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through AES/TDES encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 8m Mbps and 922 active secure connections." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/429", "Certificate Number": "429", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Catalyst 6509 Switch, 7606 and 7609 Routers with VPN Services Module", "Module Type": "Hardware", "Validation Date": "05/06/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp429.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/429", "detail_available": true, "module_name": "Cisco Catalyst 6509 Switch, 7606 and 7609 Routers with VPN Services Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Catalyst 6509 Switch, 7606 and 7609 Routers offer versatility, integration, and security to branch offices. With numerous Network Modules (NMs) available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Cisco 6509, 7606 and 7609 provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements.", "algorithms": [ "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/428", "Certificate Number": "428", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206 VXR NPE-G1 Router with Single and Dual VPN Acceleration Module 2 (VAM2)", "Module Type": "Hardware", "Validation Date": "05/06/200411/29/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp428.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/428", "detail_available": true, "module_name": "7206 VXR NPE-G1 Router with Single and Dual VPN Acceleration Module 2 (VAM2)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/427", "Certificate Number": "427", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "2691 and 3725 Modular Access Routers with AIM-VPN/EPII and 3745 Modular Access Router with AIM-VPN/HPII", "Module Type": "Hardware", "Validation Date": "05/06/200405/25/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp427.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/427", "detail_available": true, "module_name": "2691 and 3725 Modular Access Routers with AIM-VPN/EPII and 3745 Modular Access Router with AIM-VPN/HPII", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/426", "Certificate Number": "426", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "1721 and 1760 Modular Access Routers with MOD1700-VPN", "Module Type": "Hardware", "Validation Date": "05/06/200405/25/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp426.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/426", "detail_available": true, "module_name": "1721 and 1760 Modular Access Routers with MOD1700-VPN", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/425", "Certificate Number": "425", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Pitney Bowes iButton Postal Security Device (PSD)", "Module Type": "Hardware", "Validation Date": "05/06/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp425.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/425", "detail_available": true, "module_name": "Pitney Bowes iButton Postal Security Device (PSD)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information- Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/424", "Certificate Number": "424", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress® Client Cryptographic Module", "Module Type": "Software", "Validation Date": "05/06/200402/07/200612/20/200603/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp424.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/424", "detail_available": true, "module_name": "AirFortress® Client Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AirFortress™ Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/423", "Certificate Number": "423", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206-VXR NPE-400 Router with VPN Acceleration Module (VAM)", "Module Type": "Hardware", "Validation Date": "05/06/200411/29/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp423.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/423", "detail_available": true, "module_name": "7206-VXR NPE-400 Router with VPN Acceleration Module (VAM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/422", "Certificate Number": "422", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "1721, 1760, 2621XM, 2651XM, 2691, 3725 and 3745 Modular Access Routers and 7206-VXR NPE-400 Router", "Module Type": "Hardware", "Validation Date": "05/06/200405/25/200411/29/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp422.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/422", "detail_available": true, "module_name": "1721, 1760, 2621XM, 2651XM, 2691, 3725 and 3745 Modular Access Routers and 7206-VXR NPE-400 Router", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/421", "Certificate Number": "421", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco VPN 3000 Series Concentrators - 3005, 3015, 3030, 3060 and 3080", "Module Type": "Hardware", "Validation Date": "05/06/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp421.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/421", "detail_available": true, "module_name": "Cisco VPN 3000 Series Concentrators - 3005, 3015, 3030, 3060 and 3080", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco VPN 3000 Series Concentrators are hardware appliances that operate as concentrators in Virtual Private Networking (VPN) environments. They combine the best features of a software concentrator, including scalability and easy deployment, with the stability and independence of a hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/420", "Certificate Number": "420", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VPN-1", "Module Type": "Firmware", "Validation Date": "05/06/200405/19/200410/12/200511/17/200501/06/200605/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp420.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/420", "detail_available": true, "module_name": "VPN-1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "Check Point’s VPN-1 version NG with Application Intelligence is a tightly integrated software solution combining the FireWall-1 (FW-1) security suite with sophisticated Virtual Private Network (VPN) technologies and a hardened Secure Platform operating system (OS). The cornerstone of Check Point’s Secure Virtual Network (SVN) architecture, VPN-1 meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, branch offices, and business partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/419", "Certificate Number": "419", "Vendor Name": "Blue Ridge Networks", "Module Name": "BorderGuard 4000 and BorderGuard 3140", "Module Type": "Hardware", "Validation Date": "05/06/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp419.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/419", "detail_available": true, "module_name": "BorderGuard 4000 and BorderGuard 3140", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The BG4000 and BG3140 are network security appliances for the construction of secure Virtual Private Networks between Internet sites, and between Internet sites and individual remote users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/418", "Certificate Number": "418", "Vendor Name": "ActivCard, Inc.", "Module Name": "ActivCard Applet v2 on Cyberflex Access 64k v1", "Module Type": "Hardware", "Validation Date": "04/19/200401/13/200506/06/200508/22/200505/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp418.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/418", "detail_available": true, "module_name": "ActivCard Applet v2 on Cyberflex Access 64k v1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "ActivCard Applet v2 provides significant enhancement over the ActivCard v1 Applet in service, security, and flexibility. The v2 framework is backward compatible with earlier versions of ActivCard Applets and offers a more open, stable, and flexible platform for developers to build and deploy smart card applications. ActivCard Applet v2 also complies with GSC-IS 2.1 standard." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/417", "Certificate Number": "417", "Vendor Name": "Encotone Ltd.", "Module Name": "Tele-ID", "Module Type": "Hardware", "Validation Date": "04/09/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp417.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/417", "detail_available": true, "module_name": "Tele-ID", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Tele-ID is a portable, phone and PC compatible signature tool able to digitally sign messages, either locally entered on the module or whose Hash value has been transmitted to the module. The digital signature is encoded to sound and, hence, can be sent through any phone, cellular or fixed, or any PC microphone. The Tele-ID has capabilities to create an ECDSA K-163 key pair and enroll the public key with most of the PKI vendors RA-CA. The Tele-ID includes an autarkic GMT Time Stamp in each digital signature to enable CRL/OCSP on-line checking, after signature execution time-stamp corroboration, and with it, to strongly enhance the legal defense of the relying party." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/416", "Certificate Number": "416", "Vendor Name": "Real Time Logic, Inc.", "Module Name": "RTL-TDEA Crypto Module", "Module Type": "Hardware", "Validation Date": "04/09/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp416.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/416", "detail_available": true, "module_name": "RTL-TDEA Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The RTL-TDEA Crypto Module is a PCI card developed to encrypt and decrypt serial user data using Triple Data Encryption (TDEA) algorithms certified to FIPS-140-2 Level 2 security requirements. The certified TDEA algorithms include TECB, TCBC Encrypt and TCFB-64, TOFB-64, Encrypt and Decrypt. The crypto module is a multi-chip embedded short form PCI card (ISA standard) with all of the control functions and encryption algorithms implemented in firmware and hosted in an FPGA. All control of the module is via an RS-232, 9600 Baud DTE UART interface while the data is passed through dedicated RS-422 input and output ports at a rate of up to 10 Mbps." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/415", "Certificate Number": "415", "Vendor Name": "Gemplus Corp. and ActivCard Inc.", "Module Name": "GemXpresso Pro R3 E64 PK - FIPS with ActivCard Applet v2", "Module Type": "Hardware", "Validation Date": "04/09/200407/27/200408/05/200402/24/200507/28/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp415.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/415", "detail_available": true, "module_name": "GemXpresso Pro R3 E64 PK - FIPS with ActivCard Applet v2", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "GemXpresso Pro R3 E64 PK - FIPS with ActivCard Applet v2 is based on a Gemplus Open OS Smart Card with 64K of EEPROM, and on latformindependent cryptographic applets suite developed by ActivCard. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. The Applet incoporates some services for PKI (Public Key Infrastructure), for secure credentials management and authentication mechanisms. In addition, the Applet suite allows the registration and management of post-issuance applets that can be handled under the framework. The module conforms to Java Card V2.1.1, Global Platform V2.0.1, and GSC/IS 2.1 standards." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/414", "Certificate Number": "414", "Vendor Name": "Neopost Technologies", "Module Name": "N92i/152 Secure Metering Module (SMM)", "Module Type": "Hardware", "Validation Date": "04/05/200410/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp414.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/414", "detail_available": true, "module_name": "N92i/152 Secure Metering Module (SMM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides services to an office and post room based mailing system. The system's features include hand or auto feed mail processing speeds in excess of 5000 envelopes per hour using Ink jet technology, a moistening option, scale interface, internal modem for remote recrediting and memory card for slogan and rate loading, external printer for reports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/413", "Certificate Number": "413", "Vendor Name": "Good Technology, Inc.", "Module Name": "FIPSCrypto on Palm", "Module Type": "Software", "Validation Date": "04/05/200404/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp413.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/413", "detail_available": true, "module_name": "FIPSCrypto on Palm", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The FIPSCrypto on Palm is a FIPS 140-2 compliant software-based cryptographic module that implements the TDES, AES, SHA-1 and HMAC-SHA-1 algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/412", "Certificate Number": "412", "Vendor Name": "Good Technology, Inc.", "Module Name": "FIPSCrypto on G100", "Module Type": "Software", "Validation Date": "04/05/200404/09/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp412.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/412", "detail_available": true, "module_name": "FIPSCrypto on G100", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The FIPSCrypto on G100 is a FIPS 140-2 compliant software-based cryptographic module that implements the TDES, AES, SHA-1 and HMAC-SHA-1 algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/411", "Certificate Number": "411", "Vendor Name": "ECI Systems & Engineering", "Module Name": "ECI IPSec Cryptographic Module", "Module Type": "Software", "Validation Date": "04/05/200411/08/200404/27/200509/07/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp411.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/411", "detail_available": true, "module_name": "ECI IPSec Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A software IPSec implementation for Sun Trusted Solaris. This module supports Triple DES encryption/decryption, SHA-1, and HMAC-SHA-1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/410", "Certificate Number": "410", "Vendor Name": "Airespace, Inc.", "Module Name": "Airespace Cryptographic Manager (ACM)", "Module Type": "Hardware", "Validation Date": "04/05/200406/16/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp410.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/410", "detail_available": true, "module_name": "Airespace Cryptographic Manager (ACM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Airespace Cryptographic Manager (ACM) provides cryptographic services for the Airespace Wireless Enterprise Platform. Airespace offers a unique hierarchical architecture that centralizes network intelligence for cost effective deployment, dynamic RF operations, secure mobility management, service creation, and policy enforcement throughout an entire wireless network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/409", "Certificate Number": "409", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Java JSSE FIPS 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "04/05/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp409.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/409", "detail_available": true, "module_name": "IBM® Java JSSE FIPS 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM+ Java+ JSSE (Java Secure Sockets Extension) FIPS provider (IBMJSSEFIPS) for Multi-platforms is a scalable, multi-purpose Secure Sockets provider that supports only FIPS approved TLS cipher suites via the Java2 Application Programming Interfaces (APIs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/408", "Certificate Number": "408", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry™ 5810 and BlackBerry™ 5820", "Module Type": "Hardware", "Validation Date": "04/05/200408/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp408.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/408", "detail_available": true, "module_name": "BlackBerry™ 5810 and BlackBerry™ 5820", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/407", "Certificate Number": "407", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Software VPN Client", "Module Type": "Software", "Validation Date": "03/29/200404/07/200405/24/200504/09/200705/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp407.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/407", "detail_available": true, "module_name": "Cisco Software VPN Client", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cisco Software VPN client for Window OS is an award winning IPsec VPN client which is available free of charge for use across all termination products. It is the most advanced VPN client available and enables secure Remote Access connectivity to employees and partners. The Cisco Software VPN Client is also a key part of the industries best load balancing, fail-over and recovery strategy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/406", "Certificate Number": "406", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® SSLite for Java", "Module Type": "Software", "Validation Date": "03/18/200402/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp406.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/406", "detail_available": true, "module_name": "IBM® SSLite for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SSLite is a SSL (Secure Socket Layer) V2.0, V3.0 and TLS (Transport Layer Security) V1.0 protocol implementation including PKI (Public Key Infrastructure) functionality, in Java." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405", "Certificate Number": "405", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS)", "Module Type": "Software", "Validation Date": "03/18/200410/07/200510/25/200510/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405", "detail_available": true, "module_name": "Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft Corporation’s Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-2 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-2 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/404", "Certificate Number": "404", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 PCI[1], nShield F3 PCI Ultrasign[2], nCipher F3 PCI for NetHSM[3], nShield F3 PCI Ultrasign 32[4], payShield PCI[5], payShield Ultra PCI[6], payShield Ultra PCI for NetHSM[7] and nShield Lite[8]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp404.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/404", "detail_available": true, "module_name": "nShield F3 PCI[1], nShield F3 PCI Ultrasign[2], nCipher F3 PCI for NetHSM[3], nShield F3 PCI Ultrasign 32[4], payShield PCI[5], payShield Ultra PCI[6], payShield Ultra PCI for NetHSM[7] and nShield Lite[8]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/403", "Certificate Number": "403", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI[1], nShield F3 SCSI Ultrasign[2], nShield F3 SCSI Ultrasign 32[3], payShield[4], and payShield Ultra[5]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp403.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/403", "detail_available": true, "module_name": "nShield F3 SCSI[1], nShield F3 SCSI Ultrasign[2], nShield F3 SCSI Ultrasign 32[3], payShield[4], and payShield Ultra[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/402", "Certificate Number": "402", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 800 PCI[1], nCipher 1600 PCI[2], nCipher 1600 PCI for NetHSM[3], nForce 800 PCI[4] and nForce 1600 PCI[5]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp402.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/402", "detail_available": true, "module_name": "nCipher 800 PCI[1], nCipher 1600 PCI[2], nCipher 1600 PCI for NetHSM[3], nForce 800 PCI[4] and nForce 1600 PCI[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/401", "Certificate Number": "401", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 800 PCI[1], nCipher 1600 PCI[2], nCipher 1600 PCI for NetHSM[3], nForce 800 PCI[4] and nForce 1600 PCI[5]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp401.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/401", "detail_available": true, "module_name": "nCipher 800 PCI[1], nCipher 1600 PCI[2], nCipher 1600 PCI for NetHSM[3], nForce 800 PCI[4] and nForce 1600 PCI[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/400", "Certificate Number": "400", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 PCI[1] and nForce 300 PCI[2]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp400.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/400", "detail_available": true, "module_name": "nForce 150 PCI[1] and nForce 300 PCI[2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/399", "Certificate Number": "399", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 SCSI[1] and nForce 400 SCSI[2]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp399.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/399", "detail_available": true, "module_name": "nForce 150 SCSI[1] and nForce 400 SCSI[2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/398", "Certificate Number": "398", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 PCI[1] and nShield F2 PCI[2] Ultrasign", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp398.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/398", "detail_available": true, "module_name": "nShield F2 PCI[1] and nShield F2 PCI[2] Ultrasign", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/397", "Certificate Number": "397", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI[1] and nShield F2 SCSI Ultrasign[2]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp397.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/397", "detail_available": true, "module_name": "nShield F2 SCSI[1] and nShield F2 SCSI Ultrasign[2]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/396", "Certificate Number": "396", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 PCI[1], nShield F3 PCI Ultrasign[2], nCipher F3 PCI for NetHSM[3], nShield F3 PCI Ultrasign 32[4], payShield PCI[5], payShield Ultra PCI[6], payShield Ultra PCI for NetHSM[7] and nShield Lite[8]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp396.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/396", "detail_available": true, "module_name": "nShield F3 PCI[1], nShield F3 PCI Ultrasign[2], nCipher F3 PCI for NetHSM[3], nShield F3 PCI Ultrasign 32[4], payShield PCI[5], payShield Ultra PCI[6], payShield Ultra PCI for NetHSM[7] and nShield Lite[8]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/395", "Certificate Number": "395", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI[1], nShield F3 SCSI Ultrasign[2], nShield SCSI Ultrasign 32[3], payShield SCSI[4], and payShield Ultra[5]", "Module Type": "Hardware", "Validation Date": "03/18/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp395.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/395", "detail_available": true, "module_name": "nShield F3 SCSI[1], nShield F3 SCSI Ultrasign[2], nShield SCSI Ultrasign 32[3], payShield SCSI[4], and payShield Ultra[5]", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/394", "Certificate Number": "394", "Vendor Name": "PGP Corporation", "Module Name": "PGP Software Developer’s Kit (PGP SDK)", "Module Type": "Software", "Validation Date": "03/18/200405/08/200703/07/200807/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp394.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/394", "detail_available": true, "module_name": "PGP Software Developer’s Kit (PGP SDK)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers the same core crypto that is at the heart of PGP products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/393", "Certificate Number": "393", "Vendor Name": "SafeNet, Inc.", "Module Name": "CGX Cryptographic Module", "Module Type": "Software", "Validation Date": "03/10/200410/19/200409/14/200610/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp393.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/393", "detail_available": true, "module_name": "CGX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel™ VPN acceleration chips, cards, and EmbeddedIP™ intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms. Containing over forty cryptographic commands, the CGX library can provide a total security solution in either software or hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/392", "Certificate Number": "392", "Vendor Name": "SafeNet, Inc.", "Module Name": "CGX Cryptographic Module", "Module Type": "Software", "Validation Date": "03/10/200410/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp392.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/392", "detail_available": true, "module_name": "CGX Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel™ VPN acceleration chips, cards, and EmbeddedIP™ intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms. Containing over forty cryptographic commands, the CGX library can provide a total security solution in either software or hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/391", "Certificate Number": "391", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure® Cryptographic Library™ for Windows", "Module Type": "Software", "Validation Date": "03/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp391.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/391", "detail_available": true, "module_name": "F-Secure® Cryptographic Library™ for Windows", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Cryptographic Library for Windows (the Module) is a software module, implemented as a 32-bit Windows 'NT/2000/XP/98/ME' compatible DLL (FSCLM.DLL). The Module provides an assortment of cryptographic services to any client process that attaches an instance of the Module DLL. The Module is designed and implemented to meet the level 2 requirements of FIPS publication 140-2 when running on appropriate hardware under Windows 2000 with service pack 3 and Q326886 Hotfix operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/390", "Certificate Number": "390", "Vendor Name": "General Dynamics Decision Systems", "Module Name": "Assembly Crypto Module (ACM) and Flight Crypto Module (FCM)", "Module Type": "Hardware", "Validation Date": "03/08/200411/03/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp390.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/390", "detail_available": true, "module_name": "Assembly Crypto Module (ACM) and Flight Crypto Module (FCM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ACM and FCM are multi-chip standalone cryptographic modules designed to meet the Level 2 security requirements as defined in FIPS PUB 140-2. ACM and FCM perform the Triple-DES algorithm." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/389", "Certificate Number": "389", "Vendor Name": "Network Security Technology (NST) Co.", "Module Name": "NST Security CryptoCard 2200(CC2200)", "Module Type": "Hardware", "Validation Date": "03/05/200404/09/200410/01/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp389.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/389", "detail_available": true, "module_name": "NST Security CryptoCard 2200(CC2200)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "NST CC2200, a security cryptographic card with PCI bus interface, is a “multi-chip embedded cryptographic module” that provides hardware cryptographic services to users, groups or processes. The NST Security CryptoCard provides hardware cryptographic services such as acceleration for bulk data encryption / decryption, digital signature generation / verification, secure key storage and key management functions to its users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/388", "Certificate Number": "388", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco VPN 3002 and 3002-8E Hardware Clients", "Module Type": "Hardware", "Validation Date": "02/23/200402/27/200405/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp388.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/388", "detail_available": true, "module_name": "Cisco VPN 3002 and 3002-8E Hardware Clients", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco VPN 3002 Hardware Client is a small hardware appliance that operates as a client in Virtual Private Networking (VPN) environments. It combines the best features of a software client, including scalability and easy deployment, with the stability and independence of a hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/387", "Certificate Number": "387", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Sun Cryptographic Accelerator 4000", "Module Type": "Hardware", "Validation Date": "02/23/200404/05/200404/27/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp387.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/387", "detail_available": true, "module_name": "Sun Cryptographic Accelerator 4000", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. The SCA 4000 meets or exceeds all FIPS 140-2 Level 3 requirements." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/386", "Certificate Number": "386", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress™ Wireless Security Gateway Cryptographic Module", "Module Type": "Firmware", "Validation Date": "02/19/200404/29/200403/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp386.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/386", "detail_available": true, "module_name": "AirFortress™ Wireless Security Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The AirFortress™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/385", "Certificate Number": "385", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet HighAssurance 500/1000 Gateway Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/19/200410/19/200406/06/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp385.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/385", "detail_available": true, "module_name": "SafeNet HighAssurance 500/1000 Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet HA500/1000 Gateway is a high-performance, standards-based hardware Virtual Private Network (VPN) and firewall. Providing a high speed, low cost solution, it features the strongest cryptography available and complete manageability. SafeNet custom designed a state-of-the-art Application Specific Integrated Circuits (ASIC) for the HA500/1000 that allows encryption using either AES, DES, or triple-DES as nIeeded by client applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/384", "Certificate Number": "384", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C (ICC)", "Module Type": "Software", "Validation Date": "02/17/200404/27/200412/02/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp384.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/384", "detail_available": true, "module_name": "IBM® Crypto for C (ICC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ICC is a C language implementation of cryptographic functions which uses the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/383", "Certificate Number": "383", "Vendor Name": "Axalto Inc.", "Module Name": "Cyberflex Access 64K v2 Cryptographic Module", "Module Type": "Hardware", "Validation Date": "02/17/200407/27/200409/21/200405/25/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp383.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/383", "detail_available": true, "module_name": "Cyberflex Access 64K v2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cyberflex Access 64K v2 Cryptographic Module serves as a highly portable PKI and digital signature secure token for enhancing the security of network access and ensuring secure electronic communications. It supports on-card Triple DES, AES and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1’. The Cyberflex Access 64K v2 Cryptographic Module is part of a range of Schlumberger highly secure, Java-based cryptographic modules for physical and logical access, e-transactions and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382", "Certificate Number": "382", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "Module Type": "Software", "Validation Date": "02/17/200410/07/200510/25/200510/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382", "detail_available": true, "module_name": "Windows Server 2003 Enhanced Cryptographic Provider (RSAENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced Cryptographic Provider is a FIPS 140-2 compliant, software-based, cryptographic module. RSAENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, AES, RSA, SHA-1-based HMAC) in a cryptographic module accessible via the Microsoft CryptoAPI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381", "Certificate Number": "381", "Vendor Name": "Microsoft Corporation", "Module Name": "Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "Module Type": "Software", "Validation Date": "02/17/200410/25/200510/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381", "detail_available": true, "module_name": "Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) is a FIPS 140-2 compliant, softwarebased, cryptographic module. DSSENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, DSA and Diffie- Hellman) in a cryptographic module accessible via the Microsoft CryptoAPI (CAPI)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/380", "Certificate Number": "380", "Vendor Name": "ActivCard, Inc., Atmel, Inc. and MartSoft, Inc.", "Module Name": "Eagle 64K Flash Module v1", "Module Type": "Hardware", "Validation Date": "02/17/200405/26/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp380.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/380", "detail_available": true, "module_name": "Eagle 64K Flash Module v1", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Eagle 64K Flash Module v1 is based on Atmel Secure IC, MartSoft Global Platform Java Card OS and ActivCard Applet Suite. When the module is placed in a plastic smart card housing, it is ideal for secure identification, digital signature, storing and updating account information, personal data, and even monetary value, with increased security, portability and convenience to computer applications. The external interface provided by the applet suite is compliant with the smart card interoperability specification GSC-IS defined by GSA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/379", "Certificate Number": "379", "Vendor Name": "Nortel Networks", "Module Name": "Contivity® 600, 1700 and 2700 Secure IP Services Gateways", "Module Type": "Hardware", "Validation Date": "02/17/200409/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp379.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/379", "detail_available": true, "module_name": "Contivity® 600, 1700 and 2700 Secure IP Services Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The FIPS 140-2 Level 2 compliant Contivity 600, 1700 and 2700 Secure IP Services Gateways are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The Contivity 600, 1700 and 2700 provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/378", "Certificate Number": "378", "Vendor Name": "SafeNet, Inc.", "Module Name": "HighAssurance 2000 Gateway", "Module Type": "Hardware", "Validation Date": "02/12/200402/20/200403/17/200410/19/200406/06/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp378.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/378", "detail_available": true, "module_name": "HighAssurance 2000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet HA2000 is a high-performance, standards-based hardware Virtual Private Network (VPN). Providing a high speed, low cost solution, it features strong security and complete manageability. SafeNet custom designed a state-of-the-art Application Specific Integrated Circuits (ASIC) for the HA2000 that allow high speed encryption with Data Encryption Standard (DES) and triple-DES. DES is included for legacy systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/377", "Certificate Number": "377", "Vendor Name": "ReefEdge, Inc.", "Module Name": "Edge Controller 200", "Module Type": "Hardware", "Validation Date": "01/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp377.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/377", "detail_available": true, "module_name": "Edge Controller 200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ReefEdge family of Edge Controllers provides perimeter security and high-speed subnet roaming to the ReefEdge Connect System, connecting an enterprise's access points to its wired LAN. Edge Controllers enforce access control rules, implement bandwidth management, and perform encryption, enabling users to roam freely - among offices, between floors, across campuses - without losing their secure connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/376", "Certificate Number": "376", "Vendor Name": "IBM® Corporation", "Module Name": "IBM Java JCE 140-2 Cryptographic Module", "Module Type": "Software", "Validation Date": "01/30/200404/05/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp376.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/376", "detail_available": true, "module_name": "IBM Java JCE 140-2 Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM« Java« JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for Multi-platforms is a scalable, multi-purpose cryptographic module that supports only FIPS approved cryptographic operations via the Java2 Application Programming Interfaces (APIs)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/375", "Certificate Number": "375", "Vendor Name": "SafeNet, Inc.", "Module Name": "Chrysalis-ITS K3 Cryptographic Engine", "Module Type": "Hardware", "Validation Date": "01/30/200410/18/200412/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp375.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/375", "detail_available": true, "module_name": "Chrysalis-ITS K3 Cryptographic Engine", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The K3 Chrysalis-ITS Cryptgraphic Engine is a hardware cryptographic module in the form of a PCI card that resides within a secured generalpurpose computing appliance. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/374", "Certificate Number": "374", "Vendor Name": "E.F. Johnson Co.", "Module Name": "Subscriber Encryption Module (SEM)", "Module Type": "Hardware", "Validation Date": "01/23/200405/05/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp374.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/374", "detail_available": true, "module_name": "Subscriber Encryption Module (SEM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The E.F. Johnson Co. Subscriber Encryption Module (SEM) is a cryptographic module meeting FIPS 140-2, Level 1 requirement. The SEM provides Subscriber Equipment, such as the E.F. Johnson Co. 5100 series radio with secure and encrypted voice communication. The SEM supports AES, DES, DSA, and SHA-1 FIPS Approved algorithms for voice communication and protection of its firmware. The SEM can be implemented into any Subscriber Equipment requiring FIPS 140-2, Level 1 security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/373", "Certificate Number": "373", "Vendor Name": "CipherOptics Inc.", "Module Name": "CipherOptics Security GatewaySafeNet HighAssurance 4000 Gateway", "Module Type": "Hardware", "Validation Date": "01/15/200402/27/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp373.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/373", "detail_available": true, "module_name": "CipherOptics Security Gateway SafeNet HighAssurance 4000 Gateway", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherOptics Security Gateway and the SafeNet High Assurance 4000 Gateway (aka the SafeNet HA 4000), which is the OEM version of the CipherOptics Security Gateway; is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/372", "Certificate Number": "372", "Vendor Name": "Giesecke & Devrient", "Module Name": "STARCOS SPK 2.4 CHIP", "Module Type": "Hardware", "Validation Date": "12/29/200303/19/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp372.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/372", "detail_available": true, "module_name": "STARCOS SPK 2.4 CHIP", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Standard Version with Public Key Extension 2.4 (STARCOS SPK 2.4) is a scaleable multi-application operating system for smart cards and provides functionality that is necessary for public key infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/371", "Certificate Number": "371", "Vendor Name": "Giesecke & Devrient", "Module Name": "STARCOS SPK 2.4 in ID-1 Module", "Module Type": "Hardware", "Validation Date": "12/29/200303/19/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp371.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/371", "detail_available": true, "module_name": "STARCOS SPK 2.4 in ID-1 Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Giesecke & Devrient (G&D) Smart Card Chip Operating System Standard Version with Public Key Extension 2.4 (STARCOS SPK 2.4) is a scaleable multi-application operating system for smart cards and provides functionality that is necessary for public key infrastructure." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/370", "Certificate Number": "370", "Vendor Name": "TECTIA Corporation", "Module Name": "SSH Cryptographic Library", "Module Type": "Software", "Validation Date": "12/24/200309/03/200409/21/200403/03/200603/06/200707/30/2010", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp370.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/370", "detail_available": true, "module_name": "SSH Cryptographic Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SSH Cryptographic Library is a standards-based shared library providing FIPS 140-2 certified cryptographic services for SSH Communications Security's security products. The library provides a rich API and a comprehensive set of state-of-the-art algorithms including AES, 3DES, SHA-1, HMAC, RSA and DSA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/369", "Certificate Number": "369", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta CSI sToken", "Module Type": "Software", "Validation Date": "12/24/200310/14/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp369.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/369", "detail_available": true, "module_name": "Rosetta CSI sToken", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Rosetta CSI sToken is a software cryptographic token providing digital signature and encryption services in a PC environment. The Rosetta sToken provides for ease of use, deployment and the assurance provided through independent third party security validation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/368", "Certificate Number": "368", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Authority™ Security Toolkit for C++", "Module Type": "Software", "Validation Date": "12/16/200305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp368.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/368", "detail_available": true, "module_name": "Entrust Authority™ Security Toolkit for C++", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and the runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PCKS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particlular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/367", "Certificate Number": "367", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-010F Cryptographic Client Software and 3e-010F-C Cryptographic Client Software for Intel® PRO/Wireless 2200BG Network Connection and Intel® PRO/Wireless 2915ABG Network Connection", "Module Type": "Software", "Validation Date": "12/16/200301/20/200401/29/200405/25/200405/27/200411/04/200411/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp367.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/367", "detail_available": true, "module_name": "3e-010F Cryptographic Client Software and 3e-010F-C Cryptographic Client Software for Intel® PRO/Wireless 2200BG Network Connection and Intel® PRO/Wireless 2915ABG Network Connection", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The 3e-010f Crypto Client Software provides advanced wireless RF data security with AES/3DES encryption plus Dynamic Key generation plus session protection. The advanced security options include the standards as established by FIPS-140-2 -- the Federal Information Processing Standards mandated by the US Department of Defense for use in wireless environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/366", "Certificate Number": "366", "Vendor Name": "M/A Com, Inc.", "Module Name": "EDACS ProVoice Orion System/Scan Mobile Two-Way FM Radios 806 - 870 MHz", "Module Type": "Hardware", "Validation Date": "12/16/200301/23/2004", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp366.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/366", "detail_available": true, "module_name": "EDACS ProVoice Orion System/Scan Mobile Two-Way FM Radios 806 - 870 MHz", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The EDACS ProVoice Orion Mobile with FIPS 140-2 security level 1 validation provides digital voice for conventional and trunked communication environments. The Orion also allows for system and scan front mounting." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/365", "Certificate Number": "365", "Vendor Name": "Neopost Technologies", "Module Name": "Neopostage PSD Module", "Module Type": "Hardware", "Validation Date": "12/16/200310/03/200601/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp365.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/365", "detail_available": true, "module_name": "Neopostage PSD Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Neopostage Postal Security Device (PSD) Module functions as a software-based PSD that utilizes hardware-based cryptographic modules for securely managing and dispensing money and indicia via encryption and digital signature techniques. The module is ideally suited to Internet and high-volume mailing based applications requiring high-speed cryptographic functions. The module is designed to meet the applicable United States Postal Service Information-Based Indicium Program (USPS IBIP) specifications for postage meters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/364", "Certificate Number": "364", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-C ME Toolkit", "Module Type": "Software", "Validation Date": "12/09/200304/07/200410/01/200401/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp364.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/364", "detail_available": true, "module_name": "RSA BSAFE Crypto-C ME Toolkit", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C ME Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the high-performing RC5, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/363", "Certificate Number": "363", "Vendor Name": "IBM® Corporation", "Module Name": "JCOP21id 32K", "Module Type": "Hardware", "Validation Date": "11/26/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp363.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/363", "detail_available": true, "module_name": "JCOP21id 32K", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The JCOP21id is IBM's multi-application smart card, designed to the Java Card v2.1.1 and Global Platform v2.0.1 specifications. The smart card features IBM's PKCS#15 applet which provides standardized high-level security services including, 2048 bit key generation, DES, 3DES, SHA-1, RSA and AES. Additional features include biometric extensions as defined by the Java Card Forum and DAP/mandated DAP security for post issuance applets." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/362", "Certificate Number": "362", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA Applets on the Schlumberger Cyberflex Access 64k Platform", "Module Type": "Hardware", "Validation Date": "11/20/200310/16/200809/07/201002/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp362.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/362", "detail_available": true, "module_name": "RSA Applets on the Schlumberger Cyberflex Access 64k Platform", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The RSA Applets on the Schlumberger Cyberflex Access 64k Platform module provides authentication, key generation and use, and secure data storage on a mobile platform. The module conforms to JavaCard 2.1.1, OpenPlatform 2.0.1, and GSC/IS 2.0. The module allows end-users to securely store certificates, key pairs, and passwords for authentication, public-key and single sign-on applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/361", "Certificate Number": "361", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Revenector", "Module Type": "Hardware", "Validation Date": "11/20/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp361.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/361", "detail_available": true, "module_name": "Revenector", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Revenector is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of Revenector is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/360", "Certificate Number": "360", "Vendor Name": "Research in Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "11/20/200304/29/200408/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp360.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/360", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/359", "Certificate Number": "359", "Vendor Name": "Mitsubishi Electric Corporation", "Module Name": "TurboMISTY", "Module Type": "Hardware", "Validation Date": "11/20/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp359.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/359", "detail_available": true, "module_name": "TurboMISTY", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "PCI Encryption Accelerator Card" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/358", "Certificate Number": "358", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress™ Client Cryptographic Module", "Module Type": "Software", "Validation Date": "11/20/200303/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp358.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/358", "detail_available": true, "module_name": "AirFortress™ Client Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AirFortress™ Secure Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/357", "Certificate Number": "357", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry® Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "11/20/200304/29/200408/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp357.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/357", "detail_available": true, "module_name": "BlackBerry® Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/356", "Certificate Number": "356", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® CryptoLite in C", "Module Type": "Software", "Validation Date": "11/20/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp356.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/356", "detail_available": true, "module_name": "IBM® CryptoLite in C", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM CryptoLite is a C software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/355", "Certificate Number": "355", "Vendor Name": "3e Technologies International, Inc.", "Module Name": "3e-521NP, 3e-522FIPS and 3e-530NP Wireless Gateways", "Module Type": "Hardware", "Validation Date": "10/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp355.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/355", "detail_available": true, "module_name": "3e-521NP, 3e-522FIPS and 3e-530NP Wireless Gateways", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wireless LAN, NAT routing from the wired uplink LAN to the wireless LAN, and DHCP service to the local LAN allowing a wired local LAN to exist over the local wireless LAN interface." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/354", "Certificate Number": "354", "Vendor Name": "IBM® Corporation", "Module Name": "IBM CryptoLite in Java", "Module Type": "Software", "Validation Date": "10/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp354.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/354", "detail_available": true, "module_name": "IBM CryptoLite in Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IBM CryptoLite is a 100% Java software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance. It runs on JDK 1.1 or higher." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/353", "Certificate Number": "353", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "NetFortress™ Cryptographic Kernel", "Module Type": "Software", "Validation Date": "10/27/200303/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp353.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/353", "detail_available": true, "module_name": "NetFortress™ Cryptographic Kernel", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The NetFortress™ Cryptographic Kernel secures private communications among corporate divisions, branch offices, and mobile users. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the NF Crypto Kernel provides encryption, data integrity checking, authentication, access control, data compression, and firewall capabilities; it is IPSec compliant." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/352", "Certificate Number": "352", "Vendor Name": "Neopost Technologies", "Module Name": "NSD Postage Meter", "Module Type": "Hardware", "Validation Date": "10/21/200308/06/200408/09/200408/11/200410/06/200404/27/200510/18/200510/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp352.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/352", "detail_available": true, "module_name": "NSD Postage Meter", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The NSD module is a postage meter supporting accounting and cryptographic functions including the generation of 2D barcodes w/ECDSA signatures for secure electronic transactions. Associated with a document transport system and an inkjet print-head, the module is capable of processing up to 250 envelopes per minute." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/351", "Certificate Number": "351", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® Government Solutions Edition (SBGSE)", "Module Type": "Software", "Validation Date": "10/10/200310/17/200303/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp351.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/351", "detail_available": true, "module_name": "Security Builder® Government Solutions Edition (SBGSE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode - for Palm", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Security Builder GSE is a standards based cryptographic toolkit that provides application developers with sophistocated tools to flexibly integrate encryption, digital signatures and other security mechanisms into their applications. Security Builder provides the cryptographic core for Certicom's products, including movianCrypt, MovianVPN, SSL and wTLS Plus, and Trustpoint PKI products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/350", "Certificate Number": "350", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Crypto for C (ICC)", "Module Type": "Software", "Validation Date": "10/03/200308/23/200412/02/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp350.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/350", "detail_available": true, "module_name": "IBM® Crypto for C (ICC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ICC is a C language implementation of cryptographic functions which uses the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/349", "Certificate Number": "349", "Vendor Name": "Colubris Networks Inc.", "Module Name": "Colubris CN1050 and CN1054 Wireless LAN Routers", "Module Type": "Hardware", "Validation Date": "10/03/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp349.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/349", "detail_available": true, "module_name": "Colubris CN1050 and CN1054 Wireless LAN Routers", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Colubris CN105x Secure Wireless LAN Router enables strong security for wireless enterprise networking, using embedded IPSec VPN and firewall functionalities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/348", "Certificate Number": "348", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Postal Revenector", "Module Type": "Hardware", "Validation Date": "09/25/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp348.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/348", "detail_available": true, "module_name": "Postal Revenector", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Francotyp-Postalia Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia’s mail handlers. The Postal Revenector has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/347", "Certificate Number": "347", "Vendor Name": "Information Security Corporation", "Module Name": "ISC Cryptographic Development Kit (CDK) V7.0", "Module Type": "Software", "Validation Date": "09/24/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp347.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/347", "detail_available": true, "module_name": "ISC Cryptographic Development Kit (CDK) V7.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/346", "Certificate Number": "346", "Vendor Name": "IBM® Corporation", "Module Name": "Security Module with CP/Q++", "Module Type": "Hardware", "Validation Date": "09/24/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp346.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/346", "detail_available": true, "module_name": "Security Module with CP/Q++", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Security Module with CP/Q++ is the security-sensitive portion of the IBM 4758 Cryptographic Coprocessor. The Security Module is a tamper-responding, programmable module containing a CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, and firmware. The CP/Q++ control program provides basic services Coprocessor applications use for cryptographic and secure-storage processing. The validation affirms a secure environment in which to implement or extend an application program requiring secure storage, cryptographic capabilities, and processing integrity. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/345", "Certificate Number": "345", "Vendor Name": "IBM® Corporation", "Module Name": "Security Module with CP/Q++", "Module Type": "Hardware", "Validation Date": "09/24/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp345.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/345", "detail_available": true, "module_name": "Security Module with CP/Q++", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Security Module with CP/Q++ is the security-sensitive portion of the IBM 4758 Cryptographic Coprocessor. The Security Module is a tamper-responding, programmable module containing a CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, and firmware. The CP/Q++ control program provides basic services Coprocessor applications use for cryptographic and secure- storage processing. The validation affirms a secure environment in which to implement or extend an application program requiring secure storage, cryptographic capabilities, and processing integrity. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/344", "Certificate Number": "344", "Vendor Name": "Stonesoft Corporation", "Module Name": "StoneGate High Availability Firewall and VPN", "Module Type": "Firmware", "Validation Date": "09/16/200310/07/200304/29/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp344.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/344", "detail_available": true, "module_name": "StoneGate High Availability Firewall and VPN", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "StoneGate is a firewall and VPN software solution. It features clustering, load balancing between multiple ISPs, encrypted VPN client connectivity and advanced central administration tools." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/343", "Certificate Number": "343", "Vendor Name": "Wei Dai", "Module Name": "Crypto++ Library", "Module Type": "Software", "Validation Date": "09/05/200310/28/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp343.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/343", "detail_available": true, "module_name": "Crypto++ Library", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto++ Library is a free, open source C++ class library providing public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms. The dynamic link library (DLL) is FIPS 140-2 Level 1 validated. The source code of the validated module is available upon request." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/342", "Certificate Number": "342", "Vendor Name": "Eracom Technologies Group, Eracom Technologies Australia, Pty. Ltd.", "Module Name": "ProtectHost Orange Hardware Security Module and ProtectHost Orange Hardware Security Module with ORGA FM", "Module Type": "Hardware", "Validation Date": "09/05/200309/24/200310/18/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp342.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/342", "detail_available": true, "module_name": "ProtectHost Orange Hardware Security Module and ProtectHost Orange Hardware Security Module with ORGA FM", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Eracom protecthost orange is an advanced Hardware Security Module (HSM) offering high speed cryptographic processing and key management. The module implements the PKCS#11 cryptographic API and provides a comprehensive compliance to the PKCS#11 standard as well as vendor specific extensions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/341", "Certificate Number": "341", "Vendor Name": "ReefEdge, Inc.", "Module Name": "Edge Controller 100x", "Module Type": "Hardware", "Validation Date": "08/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp341.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/341", "detail_available": true, "module_name": "Edge Controller 100x", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ReefEdge family of Edge Controllers provides perimeter security and high-speed subnet roaming to the ReefEdge Connect System, connecting an enterprise's access points to its wired LAN. Edge Controllers enforce access control rules, implement bandwidth management, and perform encryption, enabling users to roam freely - among offices, between floors, across campuses - without losing their secure connection." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/340", "Certificate Number": "340", "Vendor Name": "SonicWall, Inc.", "Module Name": "Cisco CSS Series 11000 Secure Content Accelerator/SonicWALL SSL-RX", "Module Type": "Hardware", "Validation Date": "08/29/200304/25/200704/21/201506/08/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp340.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/340", "detail_available": true, "module_name": "Cisco CSS Series 11000 Secure Content Accelerator/SonicWALL SSL-RX", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SCA2/SSL-RX is an SSL proxy device designed for SSL acceleration and offloading. The SCA2/SSL-RX provides the ability to both terminate and initiate SSL connectio ns, converting cipher-text to clear-text, or clear-text to cipher-text." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/339", "Certificate Number": "339", "Vendor Name": "AKCode Inc.", "Module Name": "Anonymous Key Technology (AKT) C++ Module (CPP) and Anonymous Key Technology (AKT) Java Module (JAVA)", "Module Type": "Software", "Validation Date": "07/31/200310/06/200307/28/200508/24/200506/07/201303/20/201512/06/2021", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp339.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/339", "detail_available": true, "module_name": "Anonymous Key Technology (AKT) C++ Module (CPP) and Anonymous Key Technology (AKT) Java Module (JAVA)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "A non PKI based software suite to allow secure authenticated Internet transactions. The suite incorporates biometrics into the authentication and encryption algorithms. Currently, the suite has been tested with encrypted video conferencing, Internet email, secure Internet transactions, secure data storage and personal authentication. The suite uses smart cards, RF cards, and USB storage devices as personal authentication devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/338", "Certificate Number": "338", "Vendor Name": "Axalto Inc.", "Module Name": "Cyberflex Access e-gate 32K", "Module Type": "Hardware", "Validation Date": "07/07/200309/21/200405/25/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp338.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/338", "detail_available": true, "module_name": "Cyberflex Access e-gate 32K", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Cybeflex Access e-gate 32K serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications, supporting on-card DES (used only for legacy systems) and RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The card incorporates, apart from the conventional ISO 7816-3 interface, also the USB interface normally resident in the smart card reader. Thus, it bridges the gulf between the public terminal infrastructure (ISO 7816-3) and the PC world (USB). The Cyberflex Access e-gate 32K is part of a range of Schlumberger highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/337", "Certificate Number": "337", "Vendor Name": "Phaos Technology Corporation", "Module Name": "Phaos Crypto", "Module Type": "Software", "Validation Date": "07/07/200304/30/200408/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp337.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/337", "detail_available": true, "module_name": "Phaos Crypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Phaos Crypto provides a state-of-the-art set of core cryptography algorithms in Java. It includes a comprehensive cryptographic library supporting the most current algorithms like AES, RSA-OAEP, SHA- 256/384/512, X.9-42 as well as legacy algorithms that are still used in corporate systems like 3DES, DES, MD2 etc.. Phaos Crypto allows developers to integrate cryptography into any Java application or applet. For high security deployments, Phaos Crypto provides transparent migration to cryptographic hardware without requiring any changes to existing applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/336", "Certificate Number": "336", "Vendor Name": "Motorola, Inc.", "Module Name": "Digital Interface Unit Crypto Module (DIU CM)", "Module Type": "Hardware", "Validation Date": "07/07/200301/05/200403/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp336.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/336", "detail_available": true, "module_name": "Digital Interface Unit Crypto Module (DIU CM)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola’s Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ family of console and base station radio infrastructure equipment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/335", "Certificate Number": "335", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-204/208", "Module Type": "Hardware", "Validation Date": "07/07/200308/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp335.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/335", "detail_available": true, "module_name": "NetScreen-204/208", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-204/208 are purpose-built network security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/334", "Certificate Number": "334", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-500", "Module Type": "Hardware", "Validation Date": "07/07/200308/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp334.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/334", "detail_available": true, "module_name": "NetScreen-500", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-500 is a purpose-built internet security appliance that provides advanced firewall, IPSec VPN, and traffic management functionality, optimized for the most demanding environments such as medium and large enterprise offices, carrier infrastructures, or service providers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/333", "Certificate Number": "333", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher PMC 1600 PCI", "Module Type": "Hardware", "Validation Date": "06/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp333.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/333", "detail_available": true, "module_name": "nCipher PMC 1600 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher PMC 1600 PCI secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher PMC 1600 PCI is a FIPS 140-2 level 3 embedded device. The nCipher PMC 1600 PCI improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/332", "Certificate Number": "332", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher PMC 1600 PCI", "Module Type": "Hardware", "Validation Date": "06/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp332.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/332", "detail_available": true, "module_name": "nCipher PMC 1600 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher PMC 1600 PCI secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher PMC 1600 PCI may be initialized as a FIPS 140-2 level 2 embedded device. The nCipher PMC 1600 PCI improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/331", "Certificate Number": "331", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Management Facility Crypto Card (KMF CC)", "Module Type": "Hardware", "Validation Date": "06/27/200303/30/200402/10/2011", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp331.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/331", "detail_available": true, "module_name": "Key Management Facility Crypto Card (KMF CC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola’s Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ radio systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/330", "Certificate Number": "330", "Vendor Name": "Lipman Electronic Engineering Ltd.", "Module Name": "NURIT 202 PIN Pad", "Module Type": "Hardware", "Validation Date": "06/27/200304/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp330.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/330", "detail_available": true, "module_name": "NURIT 202 PIN Pad", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "Refer to the cryptographic module’s security policy for the details on the letters", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NURIT 202 is an advanced, easy-to- use handheld PIN Pad allowing for protected debit/credit transactions. The NURT 202 can be interconnected with any NURIT point-of-sale (POS) terminal, or terminals of other manufacturers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/329", "Certificate Number": "329", "Vendor Name": "CyberGuard Corporation", "Module Name": "CyberGuard Cryptographic Module", "Module Type": "Software", "Validation Date": "06/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp329.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/329", "detail_available": true, "module_name": "CyberGuard Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The CyberGuard Firewall/VPN is a packet-filtering and application proxy gateway, which allows or blocks the routing of specific network services between networks based on a set of administrator-defined rules." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/328", "Certificate Number": "328", "Vendor Name": "Bodacion Technologies", "Module Name": "HYDRA Server Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp328.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/328", "detail_available": true, "module_name": "HYDRA Server Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "HYDRA is an internet server built without an operating system from the ground up to be totally secure. It contains everything you need to run a high-performance, secure Web site including HTTP, HTTPS, and FTP servers, Web-based administration, and Java/JSP capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/327", "Certificate Number": "327", "Vendor Name": "Axalto Inc.", "Module Name": "Schlumberger Cyberflex Access 32K Smart Card Module with Schlumberger PKI Applets", "Module Type": "Hardware", "Validation Date": "06/17/200309/21/200405/25/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp327.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/327", "detail_available": true, "module_name": "Schlumberger Cyberflex Access 32K Smart Card Module with Schlumberger PKI Applets", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Schlumberger Cyberflex Access 32K Smart Card Module with Schlumberger PKI Applets is a single chip implementation of a Java Card 2.1.1 compliant smart card module. It is also compliant with OP 2.0.1, thus establishing a well defined security infrastructure through applet instantiation, key management and security policy configuration which can be performed using FIPS 140-2 compliant mechanisms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/326", "Certificate Number": "326", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-5200", "Module Type": "Hardware", "Validation Date": "06/17/200308/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp326.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/326", "detail_available": true, "module_name": "NetScreen-5200", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-5200 is a purpose-built internet security appliance that provides advanced firewall and IPSec VPN functionality, optimized for the most demanding environments such as large enterprise offices, carrier infrastructures, or service providers. The NetScreen-5200 is capable of 2 Gbps 3DES VPN throughput." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/325", "Certificate Number": "325", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-5XT", "Module Type": "Hardware", "Validation Date": "06/17/200308/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp325.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/325", "detail_available": true, "module_name": "NetScreen-5XT", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-5XT is a purpose-built internet network security appliance that delivers firewall, VPN, and traffic management optimized for remote offices, home offices, and telecommuters." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/324", "Certificate Number": "324", "Vendor Name": "IP Dynamics, Inc.", "Module Name": "VCN Member Agent Cryptographic Module", "Module Type": "Software", "Validation Date": "06/06/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp324.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/324", "detail_available": true, "module_name": "VCN Member Agent Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IP Dynamics’ VCN Software Suite creates a secure network services layer above the flat Internet address space allowing the creation of dynamic virtual communities, which are the secure, collaborative communications platforms designed for a wide range of intranet, extranet, remote access and collaboration applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/323", "Certificate Number": "323", "Vendor Name": "IP Dynamics, Inc.", "Module Name": "VCN Manager Cryptographic Module", "Module Type": "Software", "Validation Date": "06/06/200306/27/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp323.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/323", "detail_available": true, "module_name": "VCN Manager Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "IP Dynamics’ VCN Software Suite creates a secure network services layer above the flat Internet address space allowing the creation of dynamic virtual communities, which are the secure, collaborative communications platforms designed for a wide range of intranet, extranet, remote access and collaboration applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/322", "Certificate Number": "322", "Vendor Name": "Palm Solutions Group", "Module Name": "Crypto Manager", "Module Type": "Software", "Validation Date": "06/06/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp322.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/322", "detail_available": true, "module_name": "Crypto Manager", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Crypto Manager Version 2.0 provides cryptographic services to applications on the Palm platform. Using the Crypto Manager API (Application Programming Interface), application developers can access strong cryptographic services without having expertise in cryptography. Crypto manager is designed to be used on any devices running Palm OS 3.0 or higher. It features strong encryption via AES, HMAC SHA-1 message authentication and SHA-1 digests Crypto Manager is built to comply with FIPS 140-2 Level 1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/321", "Certificate Number": "321", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Everyplace™ Wireless Gateway Cryptographic Module", "Module Type": "Software", "Validation Date": "05/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp321.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/321", "detail_available": true, "module_name": "IBM® Everyplace™ Wireless Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM® Everyplace Wireless Gateway Cryptographic Module provides encryption and other cryptographic services for the IBM® Everyplace Wireless Gateway for Multiplatforms. The IBM® Everyplace Wireless Gateway for Multiplatforms is a distributed, scalable, multipurpose UNIX® communications platform that can support optimized, security-enhanced data access by both Wireless Application Protocol (WAP) clients and non- WAP clients over a wide range of international wireless network technologies, as well as local area (LAN) and wide area (WAN) wire line networks. The cryptographic module was tested on a AIX Version 5.2 platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/320", "Certificate Number": "320", "Vendor Name": "IBM® Corporation", "Module Name": "IBM® Everyplace™ Wireless Gateway Cryptographic Module", "Module Type": "Software", "Validation Date": "05/29/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp320.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/320", "detail_available": true, "module_name": "IBM® Everyplace™ Wireless Gateway Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The IBM® Everyplace Wireless Gateway Cryptographic Module provides encryption and other cryptographic services for the IBM® Everyplace Wireless Gateway for Multiplatforms. The IBM® Everyplace Wireless Gateway for Multiplatforms is a distributed, scalable, multipurpose UNIX® communications platform that can support optimized, securityenhanced data access by both Wireless Application Protocol (WAP) clients and non-WAP clients over a wide range of international wireless network technologies, as well as local area (LAN) and wide area (WAN) wire line networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/319", "Certificate Number": "319", "Vendor Name": "ActivCard, Inc.", "Module Name": "Cyberflex Access 64K v1 with ActivCard applet suite", "Module Type": "Hardware", "Validation Date": "05/29/200310/03/200312/03/200308/03/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp319.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/319", "detail_available": true, "module_name": "Cyberflex Access 64K v1 with ActivCard applet suite", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Cyberflex Access 64K v1 with ActivCard applet suite, which incorporates PKI (public key infrastructure) and digital signature technology, serve as highly portable, secure tokens for enhancing the security of network access and ensuring secure electronic communications. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. It is compliant to Java Card V2.1.1 and Open Platform V2.0.1." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/318", "Certificate Number": "318", "Vendor Name": "Axalto Inc.", "Module Name": "Cyberflex Access 64K", "Module Type": "Hardware", "Validation Date": "05/29/200307/03/200307/15/200306/25/200409/21/200406/06/200505/25/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp318.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/318", "detail_available": true, "module_name": "Cyberflex Access 64K", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cyberflex Access 64K can be employed in solutio ns which provide secure PKI (public key infrastructure) and digital signature technology. Cyberflex Access 64K serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 64K supports on-card Triple DES and 1024-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The Cyberflex Access 64K is part of a range of Schlumberger highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/317", "Certificate Number": "317", "Vendor Name": "Motorola Solutions, Inc.", "Module Name": "Astro Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "05/29/200306/11/200303/30/200401/30/2017", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp317.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/317", "detail_available": true, "module_name": "Astro Subscriber Encryption Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro family of radios provide secure voice and data capabilities as well as APCO Over-the-Air-Rekeying (OTAR) and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/316", "Certificate Number": "316", "Vendor Name": "Certicom Corp.", "Module Name": "Security Builder® Government Solutions Edition (SBGSE)", "Module Type": "Software", "Validation Date": "05/13/200306/30/200303/06/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp316.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/316", "detail_available": true, "module_name": "Security Builder® Government Solutions Edition (SBGSE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode - for Windows and WinCE", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Security Builder GSE is a standards-based cryptography toolkit that provides application developers with the sophisticated tools and flexibility needed to integrate encryption, digital signatures, and other security mechanisms into their applications. Security Builder provides the cryptographic core for a variety of Certicom products, including movianCrypt, movianVPN, SSL Plus, Trustpoint PKI products and toolkits and certificates, and WTLS Plus. Security Builder is also licensed to third party companies." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/315", "Certificate Number": "315", "Vendor Name": "Motorola, Inc.", "Module Name": "Motorola Gold Elite Gateway Secure Card (MGEG SC)", "Module Type": "Hardware", "Validation Date": "05/13/200311/26/200312/03/200312/24/200304/13/200407/27/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp315.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/315", "detail_available": true, "module_name": "Motorola Gold Elite Gateway Secure Card (MGEG SC)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The MGEG Secure Card is a cPCI device which performs encryption and decryption for all voice traffic through the Motorola Gold Elite Gateway (MGEG)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/314", "Certificate Number": "314", "Vendor Name": "SafeNet, Inc.", "Module Name": "Model 330J with JCCOS Applet", "Module Type": "Hardware", "Validation Date": "04/24/200302/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp314.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/314", "detail_available": true, "module_name": "Model 330J with JCCOS Applet", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Model 330J is SAFENET'S multi-application smart card, designed to the JavaCard v2.1.1 and Global Platform v2.0.1 specifications. The Model 330J smart card features SAFENET'S JCCOS operating system applet (Javabased Cryptographic Card Operating System). JCCOS is an advanced cryptographic applet that, when loaded onto a multi-application JavaCard, enables FIPS 140-2 Level 2 validation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/313", "Certificate Number": "313", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Authority Security Toolkit for Java", "Module Type": "Software", "Validation Date": "03/28/200305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp313.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/313", "detail_available": true, "module_name": "Entrust Authority Security Toolkit for Java", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Entrust AuthorityTM Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms. By minimizing the need for separate administration modules with every deployed application, these Toolkits provide a reduction in administrative duplication and help to reduce the cost to deploy across multiple platforms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/312", "Certificate Number": "312", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "03/28/200304/25/200305/02/200304/29/200408/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp312.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/312", "detail_available": true, "module_name": "BlackBerry Cryptographic Kernel", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerryTM Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerryTM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/311", "Certificate Number": "311", "Vendor Name": "TLC-Chamonix, LLC", "Module Name": "Cranite Wireless Access Controller", "Module Type": "Software", "Validation Date": "03/20/200307/10/200303/29/200402/03/200502/21/200602/24/200603/10/200605/20/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp311.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/311", "detail_available": true, "module_name": "Cranite Wireless Access Controller", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Cranite Wireless® Access Controller is a cryptographic software system for wireless LANs that enforces network access rights, encrypts / decrypts authorized traffic, and provides seamless, secure mobility services to users as they mo ve across subnets. The Cranite Wireless Access Controller software installs onto a standard, enterprise-class hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/310", "Certificate Number": "310", "Vendor Name": "Standard Networks, Inc.", "Module Name": "MOVEit Crypto", "Module Type": "Software", "Validation Date": "03/11/200303/20/200301/30/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp310.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/310", "detail_available": true, "module_name": "MOVEit Crypto", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "MOVEit Crypto is a 32-bit compact dynamically linked library (DLL) that provides fast encryption services to applications running on Microsoft Windows operating systems. MOVEit Crypto is supported on Windows 95/98/ME/NT 4.0/2000/XP. MOVEit Crypto provides an API featuring NIST-approved AES encryption, SHA-1 hashing, and pseudo-random number generation algorithms. The easy-to-use programming interface allows applications to be written without special code for details like block size, padding mode, and so on. MOVEit Crypto is a member of the MOVEit security and file transfer product family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/309", "Certificate Number": "309", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE Crypto-C ME Toolkit Module", "Module Type": "Software", "Validation Date": "03/07/200310/01/200401/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp309.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/309", "detail_available": true, "module_name": "RSA BSAFE Crypto-C ME Toolkit Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-C ME Module is RSA Security, Inc.’s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the high-performing RC5, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/308", "Certificate Number": "308", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Security Kernel Version 7.0", "Module Type": "Software", "Validation Date": "03/07/200305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp308.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/308", "detail_available": true, "module_name": "Entrust Security Kernel Version 7.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PKCS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/307", "Certificate Number": "307", "Vendor Name": "Symbol (Columbitech)", "Module Name": "WTLS Cryptographic Module", "Module Type": "Software", "Validation Date": "03/07/200303/14/200303/20/200305/23/200303/30/200403/11/200509/12/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp307.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/307", "detail_available": true, "module_name": "WTLS Cryptographic Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Symbol Technologies Inc is using the WTLS Cryptographic Module in the AirBEAM® Safe product, a software only VPN solution built on standards, installable today, without any proprietary adjustments, and extendable for any future needs and technologies. In summary, AirBEAM® Safe benefits include strong security framework, using an advanced architecture with PKI support, true end-to-end security, authentication outside the firewall; optimized wireless performance using advanced data compression; convenience of always-on connectivity and seamless roaming between different public networks, LAN/WLAN/GPRS. Supported clients; PPC 2002, Windows 2000/XP Supported servers: Windows 2000/NT 4.0" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/306", "Certificate Number": "306", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Brick 1000", "Module Type": "Hardware", "Validation Date": "03/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp306.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/306", "detail_available": true, "module_name": "Brick 1000", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brick 1000 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/305", "Certificate Number": "305", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Brick 1000 with Encryption Accelerator Card", "Module Type": "Hardware", "Validation Date": "03/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp305.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/305", "detail_available": true, "module_name": "Brick 1000 with Encryption Accelerator Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brick 1000 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/304", "Certificate Number": "304", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Brick 201", "Module Type": "Hardware", "Validation Date": "03/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp304.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/304", "detail_available": true, "module_name": "Brick 201", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brick 201 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/303", "Certificate Number": "303", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Brick 201 with Encryption Accelerator Card", "Module Type": "Hardware", "Validation Date": "03/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp303.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/303", "detail_available": true, "module_name": "Brick 201 with Encryption Accelerator Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Brick 201 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/302", "Certificate Number": "302", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 SCSI and nForce 400 SCSI", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp302.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/302", "detail_available": true, "module_name": "nForce 150 SCSI and nForce 400 SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, ecommerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/301", "Certificate Number": "301", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 PCI and nForce 300 PCI", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp301.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/301", "detail_available": true, "module_name": "nForce 150 PCI and nForce 300 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, ecommerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/300", "Certificate Number": "300", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI, nShield F3 Ultrasign SCSI and nShield F3 Ultrasign 32 SCSI and payShield", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp300.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/300", "detail_available": true, "module_name": "nShield F3 SCSI, nShield F3 Ultrasign SCSI and nShield F3 Ultrasign 32 SCSI and payShield", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/299", "Certificate Number": "299", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI, nShield F2 Ultrasign SCSI and nShield F2 Ultrasign 32 SCSI", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp299.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/299", "detail_available": true, "module_name": "nShield F2 SCSI, nShield F2 Ultrasign SCSI and nShield F2 Ultrasign 32 SCSI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/298", "Certificate Number": "298", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 PCI, nShield F2 Ultrasign PCI and nShield F2 Ultrasign 32 PCI", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp298.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/298", "detail_available": true, "module_name": "nShield F2 PCI, nShield F2 Ultrasign PCI and nShield F2 Ultrasign 32 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/297", "Certificate Number": "297", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 PCI, nShield F3 Ultrasign PCI and nShield F3 Ultrasign 32 PCI", "Module Type": "Hardware", "Validation Date": "03/07/200305/09/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp297.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/297", "detail_available": true, "module_name": "nShield F3 PCI, nShield F3 Ultrasign PCI and nShield F3 Ultrasign 32 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/296", "Certificate Number": "296", "Vendor Name": "Utimaco Inc.", "Module Name": "Atalla Cryptographic Engine (ACE)", "Module Type": "Hardware", "Validation Date": "03/07/200303/18/200309/19/201101/25/201612/21/201712/04/2018", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp296.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/296", "detail_available": true, "module_name": "Atalla Cryptographic Engine (ACE)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Atalla Cryptographic Engine (ACE) is a multichip module that provides state of the art, secure cryptographic processing. The ACE features secure key management and storage capabilities, and also provides high performance Triple DES processing and Public Key Infrastructure support required to support a broad range of payment and authentication applications. The ACE is used in the Atalla A10100, A9100, and A8100 Network Security Processors Series products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/295", "Certificate Number": "295", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 800 PCI and nCipher 1600 PCI", "Module Type": "Hardware", "Validation Date": "03/07/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp295.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/295", "detail_available": true, "module_name": "nCipher 800 PCI and nCipher 1600 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce II secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nForce modules: nForce 800, nForce 1600 are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/294", "Certificate Number": "294", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nCipher 800 PCI and nCipher 1600 PCI", "Module Type": "Hardware", "Validation Date": "03/07/200301/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp294.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/294", "detail_available": true, "module_name": "nCipher 800 PCI and nCipher 1600 PCI", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce II secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nForce modules: nForce 800, nForce 1600 are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/293", "Certificate Number": "293", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO 32K", "Module Type": "Hardware", "Validation Date": "02/13/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp293.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/293", "detail_available": true, "module_name": "eToken PRO 32K", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken PRO is a fully portable USB device the size of an average house key offering a cost-Effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/292", "Certificate Number": "292", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO 32K HD", "Module Type": "Hardware", "Validation Date": "02/13/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp292.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/292", "detail_available": true, "module_name": "eToken PRO 32K HD", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken PRO is a fully portable USB device the size of an average house key offering a cost-effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/291", "Certificate Number": "291", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO 16K", "Module Type": "Hardware", "Validation Date": "02/13/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp291.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/291", "detail_available": true, "module_name": "eToken PRO 16K", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken PRO is a fully portable USB device the size of an average house key offering a cost-Effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/290", "Certificate Number": "290", "Vendor Name": "Aladdin Knowledge Systems, Ltd.", "Module Name": "eToken PRO 16K HD", "Module Type": "Hardware", "Validation Date": "02/13/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp290.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/290", "detail_available": true, "module_name": "eToken PRO 16K HD", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The eToken PRO is a fully portable USB device the size of an average house key offering a cost-effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/289", "Certificate Number": "289", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J Toolkit Module", "Module Type": "Software", "Validation Date": "02/04/200310/01/200412/14/200412/16/200401/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp289.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/289", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J Toolkit Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-J Module is a Java-language software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. The tested Crypto-J Module is a Java-language API available as a Java ARchive, or JAR, file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/288", "Certificate Number": "288", "Vendor Name": "Tumbleweed Communications Corp.", "Module Name": "ValiCert Security Module", "Module Type": "Software", "Validation Date": "02/04/200306/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp288.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/288", "detail_available": true, "module_name": "ValiCert Security Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The ValiCert VA Toolkit 4.3 is built on our FIPS 140-1 cryptographic module. The 4.3 toolkit release has several new APIs and features. The library is also used within ValiCert Desktop Validator, Server Validators, Enterprise Validation Server, Document Authority, and Secure Transport Products. New features in VA Toolkit 4.3 include New APIs for fetching CRLs; Extended APIs for Certificate-Store ; Extended support for CRLs ; JITC compliance features ; TLS ; SSL Tunneling via Proxy Servers. The 4.3 release and prior releases support OCSP, SCVP, CRL, CRLdp protocols over HTTP, and HTTPS. The VA Toolkit 4.3 supports Windows 98/ NT/2000, Solaris 5.6/5.7/5.8, HP UX 11.0, and AIX 4.3. The Toolkit works along with FIPS 140-1 Level 3 and Level 4 validated hardware devices: e.g. nCipher, Baltimore, and Chrysalis-ITS hardware signing / encryption modules. The toolkit is also tested for interoperability with various PKI vendors: AOL/Netscape, Sun/Iplanet, Entrust, Baltimore, Verisign, Computer Associates and RSA Security products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/287", "Certificate Number": "287", "Vendor Name": "Mykotronx, Inc.", "Module Name": "82A FORTEZZA Crypto Card", "Module Type": "Hardware", "Validation Date": "02/04/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp287.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/287", "detail_available": true, "module_name": "82A FORTEZZA Crypto Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Mykotronx 82A FORTEZZA Crypto Card provides cryptographic security and authentication methods in a PC Card hardware token for government and commercial applications. Self- contained, standardized, and easily integrated, the 82A FORTEZZA Crypto Card enables portable security, with onboard storage of user credentials, keys, and digital certificates." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/286", "Certificate Number": "286", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)", "Module Type": "Software", "Validation Date": "01/17/200301/22/200301/31/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp286.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/286", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Novell International Cryptographic Infrastructure (NICI) for Solaris is a cryptographic module providing keys, algorithms, various key storage and usage mechanisms, and a large-scale key management system. Supported Novell services utilizing NICI includes eDirectory, Novell Modular Authentication Service (NMAS), Public Key Infrastructure Services, Novell SecretStore, and TLS/SSL." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/285", "Certificate Number": "285", "Vendor Name": "M/A Com, Inc.", "Module Name": "Jaguar 700P/Pi", "Module Type": "Hardware", "Validation Date": "01/17/200302/12/2003", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp285.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/285", "detail_available": true, "module_name": "Jaguar 700P/Pi", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Portable, 64-bit Encryption, EDACS JAGUAR 700P, 800MHZ, 128 SYSTEMS/GROUPS, DATA ENABLED EDACS radio. System and Scan version, with Intrinsically Safe (IS), and Immersion options." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/284", "Certificate Number": "284", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-204 and NetScreen-208", "Module Type": "Hardware", "Validation Date": "01/17/200302/21/200306/03/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp284.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/284", "detail_available": true, "module_name": "NetScreen-204 and NetScreen-208", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "NetScreen-204 and NetScreen-208 are purpose-built internet security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/283", "Certificate Number": "283", "Vendor Name": "Simple Access Inc.", "Module Name": "SSL-100 SDK Accelerator", "Module Type": "Hardware", "Validation Date": "01/17/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp283.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/283", "detail_available": true, "module_name": "SSL-100 SDK Accelerator", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Simple Access SSL-100 SDK is a high performance drop-in accelerator card that processes up to 4000 1024-bit RSA keys/second. A single SSL-100 SDK will allow a Web server to achieve sustained throughput of up to 1600 new SSL connections per second using 1024-bit operands. The SSL-100 SDK offloads SSL processing and the huge cryptographic computations from the server, freeing the CPU to respond immediately to transactions. This solution eliminates dropped connections, failed transactions and slow response times thereby maintaining user loyalty to transactional Web sites." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/282", "Certificate Number": "282", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Universal Crypto Module", "Module Type": "Hardware", "Validation Date": "12/20/200205/30/200306/11/200311/26/200312/24/200303/30/200407/27/200401/13/200612/19/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp282.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/282", "detail_available": true, "module_name": "ASTRO Subscriber Universal Crypto Module", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola ASTRO™ family of radios provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying (OTAR) and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/281", "Certificate Number": "281", "Vendor Name": "V-ONE Corporation, Inc.", "Module Name": "SmartGate®", "Module Type": "Software", "Validation Date": "12/23/200201/09/200306/18/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp281.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/281", "detail_available": true, "module_name": "SmartGate®", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "V-ONE Corporations SmartGate is leading client/server Virtual Private Network (VPN) software that provides enterprise-level security to network-based users for private information and private TCP/IP application services. SmartGate provides encryption, strong user authentication, authorization, management, accounting, key distribution, and proxy capabilities. It consists of server (SmartGate) and client (SmartPass) software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/280", "Certificate Number": "280", "Vendor Name": "Tricipher, Inc.", "Module Name": "Secure Identity Appliance", "Module Type": "Hardware", "Validation Date": "12/12/200202/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp280.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/280", "detail_available": true, "module_name": "Secure Identity Appliance", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SingleSignOn.Net Secure Identity Appliance is a Public Key Infrastructure (PKI) and password authentication solution. It allows for the easy deployment of PKI scalable to large numbers of users and provides an ID/Password system that uses the underlying PKI to provide security and robustness. The Secure Identity Appliance is able to perform public key-based cryptography, including digital signatures and encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/279", "Certificate Number": "279", "Vendor Name": "McAfee, Inc.", "Module Name": "McAfee Endpoint Encryption for PCs Client (formerly SafeBoot Client)", "Module Type": "Software", "Validation Date": "11/26/200208/18/200608/29/200604/30/200706/23/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp279.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/279", "detail_available": true, "module_name": "McAfee Endpoint Encryption for PCs Client (formerly SafeBoot Client)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "McAfee Endpoint Encryption for PCs Client is a high performance software solution that provides sector-level encryption of a PC's hard drive in a manner that is totally transparent to the user. In addition, the centralized McAfee Endpoint Encryption management system provides robust recovery tools, administration, and implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/278", "Certificate Number": "278", "Vendor Name": "Entrust CygnaCom", "Module Name": "Entrust CygnaCom IPSec Cryptographic Module", "Module Type": "Software", "Validation Date": "11/07/200208/23/200405/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp278.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/278", "detail_available": true, "module_name": "Entrust CygnaCom IPSec Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Entrust CygnaCom IPSec Cryptographic Module is a software cryptographic module intended to provide secure IPSEC communications between client workstations/laptops and servers. The communications are secured by the use of Triple DES (TDES) running in the Triple Cipher Block Chaining (TCBC) mode of operation to encrypt and the data portion of TCP/IP packets using either the IPSEC ESP-tunneled mode or ESP-transport mode. HMAC SHA-1 is used to authenticate IPSEC message headers and protocol data units." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/277", "Certificate Number": "277", "Vendor Name": "M/A Com, Inc.", "Module Name": "Enhanced Digital Access Communications System (EDACS) Orion System/Scan (AEGIS) Mobile Two-Way FM RadiosVHF-L range: 136-153 MHzVHF-M range: 150-174 MHzUHF-L range: 403-440 MHzUHF-M range: 440-470 MHzUHF-H range: 470-512 MHz800 range: 806-870 MHz", "Module Type": "Hardware", "Validation Date": "11/07/200201/16/200303/07/200303/13/2003", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp277.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/277", "detail_available": true, "module_name": "Enhanced Digital Access Communications System (EDACS) Orion System/Scan (AEGIS) Mobile Two-Way FM Radios VHF-L range: 136-153 MHz VHF-M range: 150-174 MHz UHF-L range: 403-440 MHz UHF-M range: 440-470 MHz UHF-H range: 470-512 MHz 800 range: 806-870 MHz", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The EDACS Orion Mobile with FIPS 140-1 security level 1 validation. Aegis digital voice, conventional and trunked; system and scan front mounting." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/276", "Certificate Number": "276", "Vendor Name": "Securit-e-Doc, Inc.", "Module Name": "Securit-e-Doc® SITT CryptoSystem", "Module Type": "Software", "Validation Date": "10/31/200206/10/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp276.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/276", "detail_available": true, "module_name": "Securit-e-Doc® SITT CryptoSystem", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Securit-e-Doc® provides secure server-based transmission and storage of files and messages using interactive, Web-enabled interfaces. All components of the Securit-e-Doc system derive their security services from the underlying SITT® CryptoSystem. SITT®, implemented within the Securit-e-Doc application software, provides real-time cryptographic services for symmetric encryption and decryption, random number generation and message digesting." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/275", "Certificate Number": "275", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-J Toolkit Module", "Module Type": "Software", "Validation Date": "10/31/200210/01/200401/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp275.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/275", "detail_available": true, "module_name": "RSA BSAFE® Crypto-J Toolkit Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Crypto-J Module is a Java- language software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. The tested Crypto-J Module is a Java-language API available as a Java Archive, or JAR, file." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/274", "Certificate Number": "274", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ATM Encryptor", "Module Type": "Hardware", "Validation Date": "10/24/200204/16/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp274.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/274", "detail_available": true, "module_name": "SafeNet ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/273", "Certificate Number": "273", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ATM Encryptor", "Module Type": "Hardware", "Validation Date": "10/24/200204/16/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp273.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/273", "detail_available": true, "module_name": "SafeNet ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/272", "Certificate Number": "272", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ATM Encryptor", "Module Type": "Hardware", "Validation Date": "10/24/200204/16/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp272.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/272", "detail_available": true, "module_name": "SafeNet ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/271", "Certificate Number": "271", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet ATM Encryptor", "Module Type": "Hardware", "Validation Date": "10/24/200204/16/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp271.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/271", "detail_available": true, "module_name": "SafeNet ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/270", "Certificate Number": "270", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® DSM", "Module Type": "Hardware", "Validation Date": "10/18/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp270.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/270", "detail_available": true, "module_name": "Luna® DSM", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Chrysalis-ITS™ Luna® DSM Digital Signature Module is a hardware-based, multiple-chip standalone module in the form of a PC card “token” based on the PCMCIA standard. The LUNA DSM token is a hardware crypto engine for digital signing, identification and authentication and is used in applications that require FIPS Level II key generation, protection and storage for limited numbers of digital keys." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/269", "Certificate Number": "269", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondVPN™", "Module Type": "Hardware", "Validation Date": "10/18/200202/25/200310/02/200304/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp269.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/269", "detail_available": true, "module_name": "DiamondVPN™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondVPN™ is a rack- mounted network security appliance that can be installed at a LAN edge for a work group or department operating on your enterprise network to enforce a single security profile for traffic outbound from the LAN and access to the LAN from the outside. Unlike traditional VPNs, DiamondVPN™ also offers secure pass-through to networks in which DiamondLink™ protects some users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/268", "Certificate Number": "268", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondPak™ and DiamondVPN-6™", "Module Type": "Hardware", "Validation Date": "10/18/200202/25/200307/31/200310/02/200304/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp268.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/268", "detail_available": true, "module_name": "DiamondPak™ and DiamondVPN-6™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondPak\" is a rack- mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK\" security computer enforcing a single security profile. DiamondPak\"'s advanced access-control system for protecting critical backend systems is available in configurations to protect 2, 4, or 6 systems. DiamondVPN-6 is a network security appliance for protecting a group of servers or users within an organization with each group protected by a dedicated self-protecting DiamondTEK security computer enforcing a single security profile. DiamondVPN s advanced access control system for protecting critical backend groups is available in a configuration to protect 6 individual groups." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/267", "Certificate Number": "267", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondLink™", "Module Type": "Hardware", "Validation Date": "10/18/200202/25/200310/02/200304/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp267.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/267", "detail_available": true, "module_name": "DiamondLink™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondLink™ is an external, drop- in network appliance for individual users that features a built- in security computer and authentication card reader in a single device. With its plug-and-play flexibility, DiamondLink™ can be easily extended to other network devices such as printers, fax machines, and networked manufacturing devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/266", "Certificate Number": "266", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Pocket PC Cryptographic Library (Compact Version)", "Module Type": "Software", "Validation Date": "10/18/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp266.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/266", "detail_available": true, "module_name": "F-Secure Pocket PC Cryptographic Library (Compact Version)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/265", "Certificate Number": "265", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Pocket PC Cryptographic Library (Full Version)", "Module Type": "Software", "Validation Date": "10/18/200207/31/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp265.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/265", "detail_available": true, "module_name": "F-Secure Pocket PC Cryptographic Library (Full Version)", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/264", "Certificate Number": "264", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Access Point 600 with 10/100 Ethernet, HSSI, ATM DS3, ATM OC3/STM-1 MMF, ATM OC3/STM-1 SMF-IR, 4-Port T1/E1, ATM OC3/STM-1 SMF-LR, MSSI, Frame-Based DS3, ISDN S/T, and ISDN U", "Module Type": "Hardware", "Validation Date": "10/11/200211/18/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp264.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/264", "detail_available": true, "module_name": "Access Point 600 with 10/100 Ethernet, HSSI, ATM DS3, ATM OC3/STM-1 MMF, ATM OC3/STM-1 SMF-IR, 4-Port T1/E1, ATM OC3/STM-1 SMF-LR, MSSI, Frame-Based DS3, ISDN S/T, and ISDN U", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Access Point 600 is a next-generation, high performance IP services router optimized for service providers wishing to quickly introduce man-aged IP services at mid-size branch and regional enterprise customer premises locations. Access Point 600 is purpose-built to deliver IP services with multi-access routing, Quality of Service (QoS) with Class-Based Queuing (CBQ), secure Virtual Private Networks (VPN), firewall security, and policy management. And the service provider has the advantages of easy deployment to multi-size customer premises locations, and the implementation of flexible management facilities that can be both customer and/or service provider managed.", "algorithms": [ "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/263", "Certificate Number": "263", "Vendor Name": "Communication Devices, Inc.", "Module Name": "UniGuard-V90", "Module Type": "Hardware", "Validation Date": "10/11/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp263.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/263", "detail_available": true, "module_name": "UniGuard-V90", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Single port Triple DES encryption modem." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/262", "Certificate Number": "262", "Vendor Name": "Communication Devices, Inc.", "Module Name": "UniGuard-V34", "Module Type": "Hardware", "Validation Date": "10/11/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp262.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/262", "detail_available": true, "module_name": "UniGuard-V34", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Single port Triple DES encryption modem." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/261", "Certificate Number": "261", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Compliant Meter Postal Security Device", "Module Type": "Hardware", "Validation Date": "10/11/200210/21/200202/20/200303/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp261.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/261", "detail_available": true, "module_name": "Compliant Meter Postal Security Device", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Pitney Bowes Compliant Meter Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/260", "Certificate Number": "260", "Vendor Name": "Motorola, Inc.", "Module Name": "Encryption Services Module", "Module Type": "Software", "Validation Date": "10/08/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp260.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/260", "detail_available": true, "module_name": "Encryption Services Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "The Encryption Services Module is incorporated into the operating platform software of the Accompli 009 -- the first wireless communications device to incorporate tri-band GSM and GPRS protocols, telephone functionality, Internet access, e- mail, Triple-DES encryption, WAP browser and short message service (SMS) with a full QWERTY keyboard and 256-color screen." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/259", "Certificate Number": "259", "Vendor Name": "Motorola, Inc.", "Module Name": "Encryption DLL Module", "Module Type": "Software", "Validation Date": "10/08/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp259.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/259", "detail_available": true, "module_name": "Encryption DLL Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Encryption DLL Module is incorporated into the Motorola Messaging Server, an enterprise system for managing data between a corporate e- mail or data base system and a wireless device, and the Motorola MyMail Desktop Plus, a personal application to manage e- mail between the desktop and a wireless device." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/258", "Certificate Number": "258", "Vendor Name": "Tumbleweed Communications Corp.", "Module Name": "Tumbleweed Secure Mail™ Security Kernel", "Module Type": "Software", "Validation Date": "10/08/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp258.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/258", "detail_available": true, "module_name": "Tumbleweed Secure Mail™ Security Kernel", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Tumbleweed Secure MailTM Application is a software products designed to allow organizations to apply content filtering and secure messaging policies on email. The Secure MailTM Application uses a shared set of cryptographic functionality called the Secure MailTM Security Kernel. The Secure MailTM Security Kernel exposes cryptographic application programming interface (API) calls to the other portions of Secure MailTM." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/257", "Certificate Number": "257", "Vendor Name": "ActivCard, Inc.", "Module Name": "ActivCard Applet suite on SchlumbergerSema Cyberflex Access 32K", "Module Type": "Hardware", "Validation Date": "09/30/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp257.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/257", "detail_available": true, "module_name": "ActivCard Applet suite on SchlumbergerSema Cyberflex Access 32K", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The ActivCard Applet suite is based on the SchlumbergerSema Cyberflex Access 32K smart card platform, which is Java Card V2.1.1 and Global Platform V2.0.1 compliant. The applet suite relies on the security offered by Global Platform services to allow secure post-issuance operations, such as applet instantiation, key management and security policy configuration. The external interface provided by the applet suite is compliant with the smart card interoperability specification defined by the GSA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/256", "Certificate Number": "256", "Vendor Name": "Neopost Technologies", "Module Name": "N90i Secure Metering Moddule (SMM)", "Module Type": "Hardware", "Validation Date": "09/26/200210/25/200210/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp256.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/256", "detail_available": true, "module_name": "N90i Secure Metering Moddule (SMM)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides services to an office and post room based mailing system. The systems features include hand or auto feed mail processing speeds in excess of 5000 envelopes per hour using Ink jet technology, a moistening option, scale interface, internal modem for remote recrediting and memory card for slogan and rate loading, external printer for reports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/255", "Certificate Number": "255", "Vendor Name": "Altarus Corporation", "Module Name": "Altarus Cryptographic Module", "Module Type": "Software", "Validation Date": "09/20/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp255.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/255", "detail_available": true, "module_name": "Altarus Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Altarus offering provides a premier platform and rapid development tools for creating, extending, and deploying secure enterprise applications to the desktop, mobile devices, or handheld devices" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/254", "Certificate Number": "254", "Vendor Name": "ITT", "Module Name": "NEXCOM MDR/MDT Interface Security Card (MMISC)", "Module Type": "Hardware", "Validation Date": "09/20/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp254.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/254", "detail_available": true, "module_name": "NEXCOM MDR/MDT Interface Security Card (MMISC)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Software hosted on a Single Board Computer that acts as a public key, RSA/SHA-1 - based authentication agent within the FAA's NEXCOM Multi-Mode Digital Radio." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/253", "Certificate Number": "253", "Vendor Name": "SafeNet, Inc.", "Module Name": "HighAssurance™ 2000 Gateway (HA2000)", "Module Type": "Hardware", "Validation Date": "09/20/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp253.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/253", "detail_available": true, "module_name": "HighAssurance™ 2000 Gateway (HA2000)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The HA2000 is a multi-chip standalone hardware-based, Virtual Private Network (VPN) box that provides authenticated, encrypted network communications. Secure, remote management is provided using the IPSec and SNMPv2 protocols. Custom hardware allows for speed and reliability along with high security and low cost." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/252", "Certificate Number": "252", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)", "Module Type": "Software", "Validation Date": "09/20/200201/22/200301/31/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp252.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/252", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Novell International Cryptographic Infrastructure for Windows" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/251", "Certificate Number": "251", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptor-T1 (SLE-T1) and SafeEnterprise™ Link Encryptor-E1 120ohms (SLE-E1-120)", "Module Type": "Hardware", "Validation Date": "09/19/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp251.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/251", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptor-T1 (SLE-T1) and SafeEnterprise™ Link Encryptor-E1 120ohms (SLE-E1-120)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/250", "Certificate Number": "250", "Vendor Name": "Lucent Technologies, Inc.", "Module Name": "Access Point 300-ST, 300-M-ST, 300-2M-ST, 300-2T1E1-ST, 300-M-U, and 300-2T1E1-U", "Module Type": "Hardware", "Validation Date": "09/19/200211/05/200203/17/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp250.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/250", "detail_available": true, "module_name": "Access Point 300-ST, 300-M-ST, 300-2M-ST, 300-2T1E1-ST, 300-M-U, and 300-2T1E1-U", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Access Point 300 is a next-generation, high performance IP Services router optimized for service providers wishing to quickly introduce high demand managed IP services at small to medium-sized enterprise customer premises locations.", "algorithms": [ "DES", "DSA", "HMAC", "RSA", "SHA" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/249", "Certificate Number": "249", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "09/18/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp249.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/249", "detail_available": true, "module_name": "ASTRO Subscriber Encryption Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro™ family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air- Rekeying and dvanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/248", "Certificate Number": "248", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Network Security Services", "Module Type": "Software", "Validation Date": "09/04/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp248.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/248", "detail_available": true, "module_name": "Network Security Services", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/247", "Certificate Number": "247", "Vendor Name": "Sun Microsystems, Inc.", "Module Name": "Network Security Services", "Module Type": "Software", "Validation Date": "08/30/200202/04/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp247.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/247", "detail_available": true, "module_name": "Network Security Services", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/246", "Certificate Number": "246", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptor NRZ-H (SLE NRZ-H) and SafeEnterprise™ Link Encryptor NRZ-L (SLE NRZ-L)", "Module Type": "Hardware", "Validation Date": "08/30/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp246.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/246", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptor NRZ-H (SLE NRZ-H) and SafeEnterprise™ Link Encryptor NRZ-L (SLE NRZ-L)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/245", "Certificate Number": "245", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptor RS-232 (SLE RS-232) and SafeEnterprise™ Link Encryptor-E1 75ohms (SLE-E1-75)", "Module Type": "Hardware", "Validation Date": "08/30/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp245.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/245", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptor RS-232 (SLE RS-232) and SafeEnterprise™ Link Encryptor-E1 75ohms (SLE-E1-75)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/244", "Certificate Number": "244", "Vendor Name": "3S Group Incorporated", "Module Name": "Type 2 Cryptographic Support Server (T2CSS)", "Module Type": "Hardware", "Validation Date": "08/13/200201/17/200305/01/200707/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp244.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/244", "detail_available": true, "module_name": "Type 2 Cryptographic Support Server (T2CSS)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "T2CSS is a multiple cryptoprocessor PCI board and cryptographic server. Provides high assurance security services; secure session/virtual token management; scalable server performance (multiple boards); Government and commercial algorithms; FORTEZZA CI, PKCS #11, other APIs; and Windows NT/2000, Solaris and Linux support." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/243", "Certificate Number": "243", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust GUTS Security Kernel 6.1", "Module Type": "Software", "Validation Date": "08/15/200205/27/200305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp243.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/243", "detail_available": true, "module_name": "Entrust GUTS Security Kernel 6.1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PKCS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/242", "Certificate Number": "242", "Vendor Name": "Axalto Inc.", "Module Name": "Cryptoflex e-Gate 32K Smart Card", "Module Type": "Hardware", "Validation Date": "08/01/200208/28/200209/21/200405/16/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp242.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/242", "detail_available": true, "module_name": "Cryptoflex e-Gate 32K Smart Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Cryptoflex e-Gate card is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex e-Gate card implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft. The card provides maximum security and flexibility of system integration thanks to administrative functions such as secure key loading, on-card key generation and ciphering of imported/exported data. The Cryptoflex e- gate card incorporates, apart from the conventional ISO 7816-3 interface, also the USB interface normally resident in the smart card reader. Thus, it bridges the gulf between the public terminal infrastructure (ISO 7816-3) and the PC world (USB)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241", "Certificate Number": "241", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Module for Windows XP", "Module Type": "Software", "Validation Date": "08/01/200210/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp241.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241", "detail_available": true, "module_name": "Kernel Mode Cryptographic Module for Windows XP", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the FIPS-Approved algorithms listed on the reverse", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-touse cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240", "Certificate Number": "240", "Vendor Name": "Microsoft Corporation", "Module Name": "DSS/Diffie-Hellman Enhanced Cryptographic Provider for Windows XP", "Module Type": "Software", "Validation Date": "08/01/200202/25/200510/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp240.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240", "detail_available": true, "module_name": "DSS/Diffie-Hellman Enhanced Cryptographic Provider for Windows XP", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the FIPS-Approved algorithms listed on the reverse", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/239", "Certificate Number": "239", "Vendor Name": "Nortel Networks", "Module Name": "Contivity Extranet Switch 600", "Module Type": "Hardware", "Validation Date": "07/24/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp239.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/239", "detail_available": true, "module_name": "Contivity Extranet Switch 600", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Contivity 600 Extranet Switch provides up to 30 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides an optional PCI expansion slot and dual 10/100 LAN ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238", "Certificate Number": "238", "Vendor Name": "Microsoft Corporation", "Module Name": "Microsoft Enhanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "07/11/200211/18/200202/25/200510/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238", "detail_available": true, "module_name": "Microsoft Enhanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Enhanced Cryptographic Provider (RSAENH) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module. Like other cryptographic providers that ship with Microsoft Windows XP, RSAENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, AES, RSA, SHA-1-based HMAC) in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-1 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/237", "Certificate Number": "237", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Kernel Mode Cryptographic Driver", "Module Type": "Software", "Validation Date": "07/15/200207/31/200302/09/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp237.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/237", "detail_available": true, "module_name": "F-Secure Kernel Mode Cryptographic Driver", "standard": "FIPS 140-2", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Kernel Mode Cryptographic Driver is a FIPS 140-2 Level 1 validated software module, implemented as a 32-bit Windows NT/2000/XP compatible export driver. When loaded into computing system memory, it resides at the kernel mode level of the Windows OS and provides an assortment of cryptographic services that are accessible by other kernel mode drivers through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/236", "Certificate Number": "236", "Vendor Name": "Motorola, Inc.", "Module Name": "Digital Interface Unit Crypto Module", "Module Type": "Hardware", "Validation Date": "07/11/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp236.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/236", "detail_available": true, "module_name": "Digital Interface Unit Crypto Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola’s Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ family of console and base station radio infrastructure equipment." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/235", "Certificate Number": "235", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Crypto Environment (ACCE)", "Module Type": "Hardware", "Validation Date": "07/11/200207/22/200210/04/200206/05/200304/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp235.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/235", "detail_available": true, "module_name": "Advanced Configurable Crypto Environment (ACCE)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The AEP Networks Advanced Configurable Crypto Environment (ACCE) provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/234", "Certificate Number": "234", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "VPN-1 Gateway NG FP 1", "Module Type": "Software", "Validation Date": "06/19/200206/28/200202/09/200405/19/200411/17/200501/06/200605/02/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp234.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/234", "detail_available": true, "module_name": "VPN-1 Gateway NG FP 1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Check Point VPN-1 Gateway Next Generation (NG) is a tightly integrated software solution combining the FireWall-1® security suite with sophisticated VPN technologies. With Check Point’s Secure Virtual Network architecture, VPN-1 Gateway NG meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, satellite offices, and key partners." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/233", "Certificate Number": "233", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust TruePass Applet Cryptographic Module", "Module Type": "Software", "Validation Date": "06/19/200206/28/200207/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp233.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/233", "detail_available": true, "module_name": "Entrust TruePass Applet Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with FIPS validated browser services operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module performs low level cryptographic operations – encryption, decryption and hashes – implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/232", "Certificate Number": "232", "Vendor Name": "Proofpoint Inc.", "Module Name": "Sigaba Gateway", "Module Type": "Software", "Validation Date": "06/19/200207/18/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp232.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/232", "detail_available": true, "module_name": "Sigaba Gateway", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Sigaba Gateway ensures the confidentiality, integrity and authenticity of all email sent over the Internet. Sigaba Gateway resides between an organization's email server and firewall. It encrypts outbound messages and decrypts inbound messages based on organization-defined policies. It uses a key server to retrieve a unique key to individually encrypt each outgoing message and decrypt each incoming message. The Sigaba Gateway works with any authentication mechanism." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/231", "Certificate Number": "231", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "AirFortress Wireless Security Gateway Cryptographic Module", "Module Type": "Software", "Validation Date": "06/19/200207/26/200203/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp231.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/231", "detail_available": true, "module_name": "AirFortress Wireless Security Gateway Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The AirFortress™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/230", "Certificate Number": "230", "Vendor Name": "Motorola, Inc.", "Module Name": "KVL 3000 Plus", "Module Type": "Hardware", "Validation Date": "06/19/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp230.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/230", "detail_available": true, "module_name": "KVL 3000 Plus", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades. This version of the product supports AES in addition to other FIPS approved algorithms." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/229", "Certificate Number": "229", "Vendor Name": "Motorola, Inc.", "Module Name": "KVL 3000 Plus", "Module Type": "Hardware", "Validation Date": "06/19/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp229.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/229", "detail_available": true, "module_name": "KVL 3000 Plus", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/228", "Certificate Number": "228", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 400 SCSI and nForce 150 SCSI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp228.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/228", "detail_available": true, "module_name": "nForce 400 SCSI and nForce 150 SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/227", "Certificate Number": "227", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 300 PCI and nForce 150 PCI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp227.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/227", "detail_available": true, "module_name": "nForce 300 PCI and nForce 150 PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/226", "Certificate Number": "226", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 300 SCSI, nForce 150 SCSI and nForce 75 SCSI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200203/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp226.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/226", "detail_available": true, "module_name": "nForce 300 SCSI, nForce 150 SCSI and nForce 75 SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/225", "Certificate Number": "225", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 300 SCSI, nShield 150 SCSI and nShield 75 SCSI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200203/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp225.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/225", "detail_available": true, "module_name": "nShield 300 SCSI, nShield 150 SCSI and nShield 75 SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of tamper resistant Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/224", "Certificate Number": "224", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp224.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/224", "detail_available": true, "module_name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/223", "Certificate Number": "223", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp223.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/223", "detail_available": true, "module_name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/222", "Certificate Number": "222", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 PCI and nShield F3 Ultrasign PCI", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp222.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/222", "detail_available": true, "module_name": "nShield F3 PCI and nShield F3 Ultrasign PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/221", "Certificate Number": "221", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI, nShield F3 Ultrasign SCSI and payShield", "Module Type": "Hardware", "Validation Date": "06/05/200207/22/200210/04/200201/23/200403/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp221.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/221", "detail_available": true, "module_name": "nShield F3 SCSI, nShield F3 Ultrasign SCSI and payShield", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions. payShield meets the stringent security requirements of the online payments industry and speeds up cryptographic processing through its secure, tamper resistant hardware and dedicated cryptographic processors. In addition to generic cryptographic functions, payShield supports a number of payments specific protocols and functions which provide support for 3-D Secure, EMV and PIN processing." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/220", "Certificate Number": "220", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XPplus", "Module Type": "Hardware", "Validation Date": "05/28/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp220.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/220", "detail_available": true, "module_name": "Luna® XPplus", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna XPplus, Luna XL/XLR and XL/XLR Premium are cryptographic modules based on a board that is equivalent to two Luna CA3 tokens with hardware cryptographic acceleration support. The XL/XLR is configured as a Level 2 stand-alone module. The XPplus and XL/XLR Premium operate as subordinate devices in conjunction with a Luna CA3 token. Each module can support all cryptographic algorithms listed in Appendix A of the Luna XPplus, XL/XLR and XL/XLR Premium Security Policy." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/219", "Certificate Number": "219", "Vendor Name": "Oberthur Card Systems", "Module Name": "CosmopollC V4 Smart Card with ActivCard Applets", "Module Type": "Hardware", "Validation Date": "05/28/200212/12/200212/20/200202/27/200403/30/200409/23/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp219.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/219", "detail_available": true, "module_name": "CosmopollC V4 Smart Card with ActivCard Applets", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "Certificate 219a supersedes and replaces Certificate 219", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The Oberthur Card Systems CosmopolIC product is a highly secure and powerful multi-application Java Card platform for smart card. With a better management of memory (ROM and EEPROM), it offers more space for the development of e-commerce, m-commerce, payment (Debit/ Credit), network access, pay-TV, loyalty and many other applications including WAP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/218", "Certificate Number": "218", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XLR Premium", "Module Type": "Hardware", "Validation Date": "04/30/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp218.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/218", "detail_available": true, "module_name": "Luna® XLR Premium", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® XLR Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Combining the Luna® XLR with the proven Luna® CA3 cryptographic token, the Luna® XLR Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/217", "Certificate Number": "217", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XLR", "Module Type": "Hardware", "Validation Date": "04/30/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp217.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/217", "detail_available": true, "module_name": "Luna® XLR", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® XLR provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Luna® XLR offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/216", "Certificate Number": "216", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XL Premium", "Module Type": "Hardware", "Validation Date": "04/30/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp216.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/216", "detail_available": true, "module_name": "Luna® XL Premium", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® XL Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a desktop form factor. Combining the Luna® XL with the proven Luna® CA3 cryptographic token, the Luna® XL Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/215", "Certificate Number": "215", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XL", "Module Type": "Hardware", "Validation Date": "04/30/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp215.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/215", "detail_available": true, "module_name": "Luna® XL", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® XL provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems. Luna® XL offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, improves system performance." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/214", "Certificate Number": "214", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® CA³", "Module Type": "Hardware", "Validation Date": "04/30/200204/05/200410/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp214.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/214", "detail_available": true, "module_name": "Luna® CA³", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Luna® CA³ token securely stores data and keying material inside its cryptographic boundary. It also performs cryptographic operations on data provided by external applications using the keying material stored in the token. These abilities are defined as key management, object management, and cryptographic capability." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/213", "Certificate Number": "213", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondPak", "Module Type": "Hardware", "Validation Date": "04/16/200204/16/200208/08/200202/25/200304/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp213.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/213", "detail_available": true, "module_name": "DiamondPak", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "DiamondPak™ is a rack-mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK™ security computer enforcing a single security profile." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/212", "Certificate Number": "212", "Vendor Name": "Gemplus Corp. and ActivCard Inc.", "Module Name": "Gemplus GemXpresso Pro E64 PK - FIPS ICC with ActivCard Applet Suite", "Module Type": "Hardware", "Validation Date": "04/10/200207/26/200207/15/200310/30/200301/19/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp212.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/212", "detail_available": true, "module_name": "Gemplus GemXpresso Pro E64 PK - FIPS ICC with ActivCard Applet Suite", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The “GemXpresso Pro E64 PK – FIPS ICC with ActivCard Applet Suite” is based on a Gemplus Open OS Smart Card with 64K of EEPROM, and on platform-independent cryptographic applets developed by ActivCard. The card and applets provide authentication and digital signature cryptographic services to end-users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/211", "Certificate Number": "211", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "VPN 3002-8E and VPN 3002 Hardware Client", "Module Type": "Hardware", "Validation Date": "03/26/200204/05/200206/10/200201/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp211.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/211", "detail_available": true, "module_name": "VPN 3002-8E and VPN 3002 Hardware Client", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco VPN 3002-8E Hardware Client is a small hardware appliance that operates as a client in Virtual Private Networking (VPN) environments. It combines the best features of a software client, including scalability and easy deployment, with the stability and independence of a hardware platform." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/210", "Certificate Number": "210", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "VPN 3000 Concentrator Series", "Module Type": "Hardware", "Validation Date": "03/26/200201/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp210.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/210", "detail_available": true, "module_name": "VPN 3000 Concentrator Series", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco VPN 3000 Concentrator Series is a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/209", "Certificate Number": "209", "Vendor Name": "WinMagic Incorporated", "Module Name": "SecureDoc® Cryptographic Engine", "Module Type": "Software", "Validation Date": "03/26/200204/04/200205/08/200207/02/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp209.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/209", "detail_available": true, "module_name": "SecureDoc® Cryptographic Engine", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "SecureDoc® Cryptographic kernel used in all of WinMagic’s SecureDoc® cryptographic products including the Disk Encryption application and the Central Database administration facility." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/208", "Certificate Number": "208", "Vendor Name": "Check Point Software Technologies Ltd.", "Module Name": "Pointsec 4.1", "Module Type": "Software", "Validation Date": "03/21/200203/28/200206/18/200304/29/200805/28/2009", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp208.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/208", "detail_available": true, "module_name": "Pointsec 4.1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Pointsec version 4.1 employs hard disk encryption to guarantee that no users can access or manipulate information on an encrypted device, either from available files, erased files, or temporary files. Pointsec version 4.1 safeguards the operating system and the important system files (which often contain clues to passwords for Windows), shared devices, and the network." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/207", "Certificate Number": "207", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Management Facility Crypto Card (KMF CC)", "Module Type": "Hardware", "Validation Date": "03/01/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp207.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/207", "detail_available": true, "module_name": "Key Management Facility Crypto Card (KMF CC)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola’s Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ radio systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/206", "Certificate Number": "206", "Vendor Name": "Axalto Inc.", "Module Name": "Cryptoflex 8K Smart Card", "Module Type": "Hardware", "Validation Date": "02/27/200209/21/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp206.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/206", "detail_available": true, "module_name": "Cryptoflex 8K Smart Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Cryptoflex is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/205", "Certificate Number": "205", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink ATM Encryptor", "Module Type": "Hardware", "Validation Date": "01/31/200202/01/200206/17/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp205.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/205", "detail_available": true, "module_name": "Cylink ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cylink ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The Cylink ATM Encryptor can be centrally controlled or managed across multiple remote stations using Cylink's PrivaCy Manager®, an SNMP-based security management system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/204", "Certificate Number": "204", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Frame Encryptor II (SFE II)", "Module Type": "Hardware", "Validation Date": "01/31/200204/11/200207/18/200212/17/200212/27/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp204.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/204", "detail_available": true, "module_name": "SafeEnterprise™ Frame Encryptor II (SFE II)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SFE protects information flowing between nodes or sites of a frame relay network. It can be con-figured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 4 Mbps and 1022 active secure connections." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/203", "Certificate Number": "203", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Frame Encryptor-L (SFE-L) and SafeEnterprise™ Frame Encryptor-H (SFE-H)", "Module Type": "Hardware", "Validation Date": "01/31/200204/11/200207/18/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp203.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/203", "detail_available": true, "module_name": "SafeEnterprise™ Frame Encryptor-L (SFE-L) and SafeEnterprise™ Frame Encryptor-H (SFE-H)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE-L supports Full-Duplex throughput of 256 Kbps traffic and 32 active secure connections.The SFE-H supports Full-Duplex throughput of 8 Mbps and 1022 active secure connections." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/202", "Certificate Number": "202", "Vendor Name": "PrivyLink Pte Ltd.", "Module Name": "TrustField™ Cryptographic Key Server, CKS Model 2000-J", "Module Type": "Hardware", "Validation Date": "01/25/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp202.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/202", "detail_available": true, "module_name": "TrustField™ Cryptographic Key Server, CKS Model 2000-J", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "TrustField™ Cryptographic Key Server (CKS) is a hardware security solution that offers a tamper-resistant environment for highly sensitive e-commerce transaction processing. It adds hardware-based security functionality to Internet, Intranet, Extranet, and enterprise applications such as Banking, e-Banking, Public Key Management for e-Commerce, and Secure e-Transaction." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/201", "Certificate Number": "201", "Vendor Name": "Neopost Online, Inc.", "Module Name": "PROmail II(Simply Postage III)", "Module Type": "Hardware", "Validation Date": "01/25/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp201.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/201", "detail_available": true, "module_name": "PROmail II (Simply Postage III)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Promail II is an electronic device developed by Neopost Online that stores revenue and dispenses it to a host computer, such as a PC compatible, under control and direction of a Neopost Online customer. The Promail II attaches to and communicates with the host computer via either a serial or USB interface. The revenue is dispensed from the Promail II in the form of a digitally signed indicium, a unique bit pattern that can be determined to have originated from a particular device at a particular point in time." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/200", "Certificate Number": "200", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Frame Encryptor-High Speed Serial Interface (SFE HSSI)", "Module Type": "Hardware", "Validation Date": "12/18/200104/11/200205/15/200207/18/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp200.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/200", "detail_available": true, "module_name": "SafeEnterprise™ Frame Encryptor-High Speed Serial Interface (SFE HSSI)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SFE-HSSI protects information flowing between nodes or sites of a frame relay network. It can be con-figured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE-HSSI support full-duplex traffic throughput of between 56-256 kbps for 32-1022 secure connections. The SFE will achieve this throughput for the smaller frames as well (64 byte frames is a target)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/199", "Certificate Number": "199", "Vendor Name": "F-Secure Corporation", "Module Name": "F-Secure Cryptographic Service Provider DLL", "Module Type": "Software", "Validation Date": "12/18/200107/31/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp199.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/199", "detail_available": true, "module_name": "F-Secure Cryptographic Service Provider DLL", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode and using FIPS Approved algorithms and processes as listed", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The F-Secure Cryptographic Service Provider is a FIPS 140-1 Level 1 compliant software module, implemented as a 32-bit Windows™ NT compatible DLL, which provides a variety of cryptographic services and can be dynamically linked into applications by software developers to get access to general-purpose cryptographic functionality." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/198", "Certificate Number": "198", "Vendor Name": "Mailroom Technology, Inc.", "Module Name": "SAFE CV 411, SAFE CV 412 and SAFE CV 413", "Module Type": "Hardware", "Validation Date": "12/14/200106/21/200209/01/200604/26/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp198.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/198", "detail_available": true, "module_name": "SAFE CV 411, SAFE CV 412 and SAFE CV 413", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SAFE CV provides the physical and logical resources necessary to function as a United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Postal Security Device (PSD). It is used for securely managing and dispensing money via encryption and digital signature techniques and protects the interests of user, service provider and recipient. The device is ideally suited to both embedded and PC based applications requiring high-speed cryptographic functions. Additionally, this device has been approved for export for use in markets throughout the world." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/197", "Certificate Number": "197", "Vendor Name": "CTAM, Inc.", "Module Name": "CypherCell ATM Encryptor", "Module Type": "Hardware", "Validation Date": "12/14/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp197.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/197", "detail_available": true, "module_name": "CypherCell ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CypherCell is a hardware encryption product for Asynchronous Transfer Mode (ATM) networks. It supports multiple speeds with AC or DC Power" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/196", "Certificate Number": "196", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "2621 Modular Access Router with Crypto Accelerator Card2651 Modular Access Router with Crypto Accelerator Card", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp196.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/196", "detail_available": true, "module_name": "2621 Modular Access Router with Crypto Accelerator Card 2651 Modular Access Router with Crypto Accelerator Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/195", "Certificate Number": "195", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptor-T3 (SLE-T3)", "Module Type": "Hardware", "Validation Date": "12/12/200105/23/200207/18/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp195.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/195", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptor-T3 (SLE-T3)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SLE-T3 secures public and private DS3/T3 data links at 44.7 MHz, encrypting data at the full data rate, and meeting the T3 industry standard. Both C-Bit and M13 framing are supported." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/194", "Certificate Number": "194", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "2621 Modular Access Router2651 Modular Access Router", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp194.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/194", "detail_available": true, "module_name": "2621 Modular Access Router 2651 Modular Access Router", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/193", "Certificate Number": "193", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206 VXR Router with ISA Accelerator Card", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp193.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/193", "detail_available": true, "module_name": "7206 VXR Router with ISA Accelerator Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/192", "Certificate Number": "192", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7206 VXR Router", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp192.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/192", "detail_available": true, "module_name": "7206 VXR Router", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/191", "Certificate Number": "191", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7140 VPN Router with ISM Accelerator Card7140 VPN Router with Dual ISA and ISM Accelerator Cards", "Module Type": "Hardware", "Validation Date": "12/12/200102/25/200201/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp191.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/191", "detail_available": true, "module_name": "7140 VPN Router with ISM Accelerator Card 7140 VPN Router with Dual ISA and ISM Accelerator Cards", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/190", "Certificate Number": "190", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "7140 VPN Router", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp190.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/190", "detail_available": true, "module_name": "7140 VPN Router", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/189", "Certificate Number": "189", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "3640 VPN Router with Crypto Accelerator Card3660 VPN Router with Crypto Accelerator Card", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp189.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/189", "detail_available": true, "module_name": "3640 VPN Router with Crypto Accelerator Card 3660 VPN Router with Crypto Accelerator Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/188", "Certificate Number": "188", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "3640 Modular Access Router3660 Modular Access Router", "Module Type": "Hardware", "Validation Date": "12/12/200101/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp188.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/188", "detail_available": true, "module_name": "3640 Modular Access Router 3660 Modular Access Router", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/187", "Certificate Number": "187", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondLINK 10/100", "Module Type": "Hardware", "Validation Date": "11/27/200112/12/200102/15/200204/16/200208/08/200202/25/200304/08/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp187.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/187", "detail_available": true, "module_name": "DiamondLINK 10/100", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "DiamondLink provides a cost-effective and flexible end-to-end network security solution for the LAN, WAN, or Internet. It not only provides a high level of trust and data separation through the established end-to-end sessions, it additionally provides added levels of security by bringing firewall filtering functionality to the desktop. This module provides strong I&A with user selectable/dynamically downloaded security policies to the desktop." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/186", "Certificate Number": "186", "Vendor Name": "Corsec Security, Inc.", "Module Name": "CryptoFramework", "Module Type": "Software", "Validation Date": "11/27/200106/10/200209/06/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp186.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/186", "detail_available": true, "module_name": "CryptoFramework", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/185", "Certificate Number": "185", "Vendor Name": "Nortel Networks", "Module Name": "Contivity Extranet Switch 4600", "Module Type": "Hardware", "Validation Date": "11/27/200112/06/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp185.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/185", "detail_available": true, "module_name": "Contivity Extranet Switch 4600", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Contivity 4600 Extranet Switch provides up to 5000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides 5 PCI expansion slots and dual 10/100 LAN ports, dual redundant power supplies and storage." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/184", "Certificate Number": "184", "Vendor Name": "Algorithmic Research Ltd.", "Module Name": "PrivateServer 3.0 and PrivateServer 3.1", "Module Type": "Hardware", "Validation Date": "11/27/200112/13/200202/10/200307/15/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp184.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/184", "detail_available": true, "module_name": "PrivateServer 3.0 and PrivateServer 3.1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The PrivateServer is a high-performance cryptographic service provider. Contained within a secure, tamper-responsive steel case, the PrivateServer performs high-speed cryptographic operations while protecting sensitive data. Its features include strong cryptography using DES, triple-DES, and SHA-1, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/183", "Certificate Number": "183", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Universal Crypto Module", "Module Type": "Hardware", "Validation Date": "11/19/200102/07/200210/04/200210/21/200201/06/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp183.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/183", "detail_available": true, "module_name": "ASTRO Subscriber Universal Crypto Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro™ family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/182", "Certificate Number": "182", "Vendor Name": "Hasler, Inc.", "Module Name": "SAFE CV 401", "Module Type": "Hardware", "Validation Date": "11/09/200106/21/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp182.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/182", "detail_available": true, "module_name": "SAFE CV 401", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "SAFE CV provides the physical and logical resources necessary to function as a United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Postal Security Device (PSD). It is used for securely managing and dispensing money via encryption and digital signature techniques and protects the interests of user, service provider and recipient. The device is ideally suited to both embedded and PC based applications requiring high-speed cryptographic functions. Additionally, this device has been approved for export for use in markets throughout the world." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/181", "Certificate Number": "181", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 PCI and nForce 300 PCI", "Module Type": "Hardware", "Validation Date": "11/09/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp181.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/181", "detail_available": true, "module_name": "nForce 150 PCI and nForce 300 PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/180", "Certificate Number": "180", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI and nShield F3 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "11/09/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp180.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/180", "detail_available": true, "module_name": "nShield F3 SCSI and nShield F3 Ultrasign SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/179", "Certificate Number": "179", "Vendor Name": "Nortel Networks", "Module Name": "Contivity Extranet Switch 2600", "Module Type": "Hardware", "Validation Date": "10/30/200112/06/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp179.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/179", "detail_available": true, "module_name": "Contivity Extranet Switch 2600", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Contivity 2600 Extranet Switch provides up to 1000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides 3 PCI expansion slots and dual 10/100 LAN ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/178", "Certificate Number": "178", "Vendor Name": "Nortel Networks", "Module Name": "Contivity Extranet Switch 1600", "Module Type": "Hardware", "Validation Date": "10/30/200112/06/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp178.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/178", "detail_available": true, "module_name": "Contivity Extranet Switch 1600", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Contivity 1600 Extranet Switch provides up to 200 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides a PCI expansion slot and dual 10/100 LAN ports." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/177", "Certificate Number": "177", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust TruePass Applet Cryptographic Module", "Module Type": "Software", "Validation Date": "10/30/200111/15/200106/28/200207/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp177.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/177", "detail_available": true, "module_name": "Entrust TruePass Applet Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode with FIPS validated browser services operating in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module performs low level cryptographic operations – encryption, decryption and hashes – implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/176", "Certificate Number": "176", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel v6.0", "Module Type": "Software", "Validation Date": "10/30/200105/09/200207/18/200205/27/200305/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp176.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/176", "detail_available": true, "module_name": "Entrust Cryptographic Kernel v6.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust® family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/175", "Certificate Number": "175", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "Module Type": "Hardware", "Validation Date": "10/11/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp175.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/175", "detail_available": true, "module_name": "nShield F2 PCI and nShield F2 Ultrasign PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/174", "Certificate Number": "174", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 PCI and nShield F3 Ultrasign PCI", "Module Type": "Hardware", "Validation Date": "10/11/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp174.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/174", "detail_available": true, "module_name": "nShield F3 PCI and nShield F3 Ultrasign PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/173", "Certificate Number": "173", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna® XP plus", "Module Type": "Hardware", "Validation Date": "10/11/200110/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp173.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/173", "detail_available": true, "module_name": "Luna® XP plus", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna® XPplus offers hardware-accelerated signing, secure key management, and signature validation for high volume transaction applications such as transaction coordinators and OCSP (Online Certificate Status Protocol) responders. Luna® XPplus is a scalable, hardware security module for high-performance digital signing of e-business transactions in a FIPS 140-1 level 3-validated solution. The product operates in conjunction with Luna® CA³ root key protection systems leveraging ultimate private key integrity for high-volume digital signing applications. Luna® XPplus signing devices allow you to add signature processing throughput as needed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/172", "Certificate Number": "172", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "10/15/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp172.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/172", "detail_available": true, "module_name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/171", "Certificate Number": "171", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 SCSI and nForce 400 SCSI", "Module Type": "Hardware", "Validation Date": "10/15/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp171.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/171", "detail_available": true, "module_name": "nForce 150 SCSI and nForce 400 SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/170", "Certificate Number": "170", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen 5XP", "Module Type": "Hardware", "Validation Date": "09/27/200102/13/200306/03/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp170.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/170", "detail_available": true, "module_name": "NetScreen 5XP", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-5XP is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that offers a complete security solution for telecommuters, small-sized companies and branch offices. Featuring two 10Base-T Ethernet ports (trust and untrust), the NetScreen-5XP performs at near wire-speed, protecting the LAN from attack and providing IPSEC based VPN capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/169", "Certificate Number": "169", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen 500", "Module Type": "Hardware", "Validation Date": "09/27/200102/13/200306/03/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp169.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/169", "detail_available": true, "module_name": "NetScreen 500", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-500 is a purpose-built security system integrating stateful inspection firewall, VPN, and traffic management together in a compact system that only requires 2U of rack space. Designed for high performance, redundancy, manageability, and multiple security domains, the NetScreen-500 implements a modular design, it offers many of the compelling functionality of an appliance. In addition, there are redundant dedicated high availability ports, dedicated management port, 4 traffic module bays, and a programmable LCD." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/168", "Certificate Number": "168", "Vendor Name": "SafeNet, Inc.", "Module Name": "LUNA® RA Secure Key Issuance HSM token", "Module Type": "Hardware", "Validation Date": "09/25/200110/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp168.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/168", "detail_available": true, "module_name": "LUNA® RA Secure Key Issuance HSM token", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Chrysalis-ITS® LUNA RA Secure Issuance HSM token is a hardware-based, multiple-chip standalone module which is a delta production of the Chrysalis-ITS® LUNA 2 token (certificate #56, dated 08/08/1999). Like the LUNA 2, the LUNA RA is in the form of a PC card “token” based on the PCMCIA standard. The LUNA RA token offers secure key distribution, fast key generation and secure key backup functionality to increase security and reduce operational overhead. The Luna RA token is integral to the secure issuance of keys to smart cards, cable modems, mobile phones and other PKI-enabled devices." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/167", "Certificate Number": "167", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta Smart Card", "Module Type": "Hardware", "Validation Date": "09/25/200101/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp167.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/167", "detail_available": true, "module_name": "Rosetta Smart Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and using FIPS Approved algorithms and processes as listed", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SPYRUS Rosetta Smart Card is an ISO 7816 compliant public key smart card based upon the SPYCOS card operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/166", "Certificate Number": "166", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta USB", "Module Type": "Hardware", "Validation Date": "09/10/200101/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp166.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/166", "detail_available": true, "module_name": "Rosetta USB", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode and using FIPS Approved algorithms and processes as listed", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple “plug and play” ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/165", "Certificate Number": "165", "Vendor Name": "Axalto Inc.", "Module Name": "SchlumbergerSema Cyberflex Access 32K with ActivCard Applets", "Module Type": "Hardware", "Validation Date": "09/10/200111/02/200102/25/200205/09/200309/21/200405/25/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp165.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/165", "detail_available": true, "module_name": "SchlumbergerSema Cyberflex Access 32K with ActivCard Applets", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Cyberflex Access 32K with Applets, which incorporates PKI (public key infrastructure) and digital signature technology, serve as highly portable, secure tokens for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 32K with Applets has on board Triple DES and RSA algorithms and can provide on board key generation. It is compliant to Java Card V2.1.1 and Open Platform V2.0.1. The Cyberflex Access 32K with Applets smart card is part of a range of highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications. The ActivCard applets add to the smart card platform the following services: cardholder authentication, digital signature, and secure data storage. The external interface provided by the applets is compliant with the smart card interoperability specification defined by the GSA." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/164", "Certificate Number": "164", "Vendor Name": "Kasten Chase Applied Research, Ltd.", "Module Name": "RASP Secure Modem", "Module Type": "Hardware", "Validation Date": "08/23/200108/01/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp164.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/164", "detail_available": true, "module_name": "RASP Secure Modem", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/163", "Certificate Number": "163", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "RSA BSAFE® Crypto-C", "Module Type": "Software", "Validation Date": "08/15/200108/27/200101/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp163.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/163", "detail_available": true, "module_name": "RSA BSAFE® Crypto-C", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The RSA BSAFE® Crypto-C Module version 5.2.1 is a software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. It provides a variety of cryptographic services to calling applications that are documented in RSA’s RSA BSAFE® Crypto-C Security Components for C Library Reference Manual. RSA BSAFE® Crypto-C is a C-language API available as a static library, a dynamic library and as source code." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/162", "Certificate Number": "162", "Vendor Name": "SafeNet, Inc.", "Module Name": "CryptoSwift HSM", "Module Type": "Hardware", "Validation Date": "08/15/200108/27/200111/19/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp162.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/162", "detail_available": true, "module_name": "CryptoSwift HSM", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The CryptoSwift HSM is for high-assurance applications requiring a high degree of physical security as well as optimal cryptographic processing performance. With its tamper active design, the evasive measures of the CryptoSwift HSM defeat physical attacks through detection and response to ensure the integrity and confidentiality of keying information. The key management features allow operators to backup or clone keys securely and easily. In addition, strong two-factor authentication is provided for Security Officers and Operators with the CryptoSwift HSM's trusted channel, a USB port with Rainbow Technologies iKey authentication solution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/161", "Certificate Number": "161", "Vendor Name": "SafeNet, Inc.", "Module Name": "iKey 2032", "Module Type": "Hardware", "Validation Date": "08/03/200109/21/200410/18/200401/11/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp161.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/161", "detail_available": true, "module_name": "iKey 2032", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The iKey 2032 is a powerful and portable two-factor authentication USB device suited for applications demanding high security. The iKey 2032 specifically supports Public Key Infrastructure (PKI) needs by providing on-board cryptographic key generation; secure storage of key pairs and X.509 digital certificates; and performing digital signature signing operations on-board." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/160", "Certificate Number": "160", "Vendor Name": "Eracom Technologies Group, Eracom Technologies Australia, Pty. Ltd.", "Module Name": "CSA8000 Cryptographic Adapter", "Module Type": "Hardware", "Validation Date": "07/27/200110/18/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp160.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/160", "detail_available": true, "module_name": "CSA8000 Cryptographic Adapter", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Eracom CSA8000 Cryptographic Adapter is an intelligent PCI adapter card that provides a wide range of cryptographic functions with dedicated DES/3DES and RSA hardware accelerators. The module implements the PKCS#11 cryptographic API and provides a comprehensive compliance to the PKCS#11 standard as well as vendor specific extensions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/159", "Certificate Number": "159", "Vendor Name": "Avaya, Inc.", "Module Name": "VSU-5000 and VSU-7500", "Module Type": "Hardware", "Validation Date": "07/27/200108/02/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp159.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/159", "detail_available": true, "module_name": "VSU-5000 and VSU-7500", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The VSU™ series of VPN gateways provide high performance ICSA certified IPSec VPN and firewall services for networks of all sizes and complexity. All VSU models are tamper evident network security appliances that cost effectively provide secure authenticated communications over public IP networks, and protect private enterprise networks from attack or intrusion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/158", "Certificate Number": "158", "Vendor Name": "Avaya, Inc.", "Module Name": "VSU-100/VSU-100R and VSU-2000", "Module Type": "Hardware", "Validation Date": "07/27/200108/02/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp158.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/158", "detail_available": true, "module_name": "VSU-100/VSU-100R and VSU-2000", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The VSU™ series of VPN gateways provide high performance ICSA certified IPSec VPN and firewall services for networks of all sizes and complexity. All VSU models are tamper evident network security appliances that cost effectively provide secure authenticated communications over public IP networks, and protect private enterprise networks from attack or intrusion." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/157", "Certificate Number": "157", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta USB", "Module Type": "Hardware", "Validation Date": "07/17/200101/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp157.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/157", "detail_available": true, "module_name": "Rosetta USB", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and using FIPS Approved algorithms and processes as listed", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple \"plug and play\" ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/156", "Certificate Number": "156", "Vendor Name": "Hasler, Inc.", "Module Name": "SAFE CV Lite", "Module Type": "Hardware", "Validation Date": "07/12/200106/21/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp156.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/156", "detail_available": true, "module_name": "SAFE CV Lite", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The SAFE device is dsigned as a single electronic circuit board. The primary objective of the SAFE device is to protect funds and to apply respective access rules." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/155", "Certificate Number": "155", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Crypto Environment (ACCE) - L3 SV and BE", "Module Type": "Hardware", "Validation Date": "07/05/200107/18/200107/22/200210/04/200204/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp155.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/155", "detail_available": true, "module_name": "Advanced Configurable Crypto Environment (ACCE) - L3 SV and BE", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/154", "Certificate Number": "154", "Vendor Name": "Blue Ridge Networks", "Module Name": "BorderGuard 3000", "Module Type": "Hardware", "Validation Date": "06/21/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp154.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/154", "detail_available": true, "module_name": "BorderGuard 3000", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "A network security appliance for the construction of secure Virtual Private Networks between Internet sites, and between Internet sites and individual remote users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/153", "Certificate Number": "153", "Vendor Name": "NetScreen Technologies, Inc.", "Module Name": "NetScreen-100", "Module Type": "Hardware", "Validation Date": "06/15/200102/13/200306/03/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp153.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/153", "detail_available": true, "module_name": "NetScreen-100", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetScreen-100 is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that is optimized for the most demanding environments such as high traffic sites." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/152", "Certificate Number": "152", "Vendor Name": "Tumbleweed Communications Corp.", "Module Name": "MMS Security Kernel", "Module Type": "Software", "Validation Date": "06/13/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp152.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/152", "detail_available": true, "module_name": "MMS Security Kernel", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Tumbleweed Messaging Management System (MMS) is a suite of software products designed to allow organizations to apply content filtering and secure messaging policies on e-mail and Web traffic. All portions of the MMS use a shared set of cryptographic functionality called the MMS Security Kernel. The MMS Security Kernel exposes cryptographic application programming interface (API) calls to the other portions of the MMS." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/151", "Certificate Number": "151", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeEnterprise™ Link Encryptor-High Speed Serial Interface (SLE-HSSI)", "Module Type": "Hardware", "Validation Date": "06/04/200107/18/200207/03/200310/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp151.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/151", "detail_available": true, "module_name": "SafeEnterprise™ Link Encryptor-High Speed Serial Interface (SLE-HSSI)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SLE-HSSI secures data over high speed synchronous data links up to 52MHz, encrypting data at the full data rate, and meeting the HSSI industry standard. It contains the cryptographic module, which is the case containing all electronics, excluding the battery & its holder." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/150", "Certificate Number": "150", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F3 SCSI and nShield F3 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "05/23/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp150.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/150", "detail_available": true, "module_name": "nShield F3 SCSI and nShield F3 Ultrasign SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield \"SEE Ready\" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/149", "Certificate Number": "149", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 150 PCI and nForce 300 PCI", "Module Type": "Hardware", "Validation Date": "05/23/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp149.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/149", "detail_available": true, "module_name": "nForce 150 PCI and nForce 300 PCI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/148", "Certificate Number": "148", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "Module Type": "Hardware", "Validation Date": "05/23/200109/14/200101/23/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp148.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/148", "detail_available": true, "module_name": "nShield F2 SCSI and nShield F2 Ultrasign SCSI", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/147", "Certificate Number": "147", "Vendor Name": "Attachmate Corporation", "Module Name": "CryptoConnect ES", "Module Type": "Software", "Validation Date": "05/14/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp147.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/147", "detail_available": true, "module_name": "CryptoConnect ES", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the FIPS-Approved algorithms listed.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CryptoConnect ES is an encryption option that provides encryption of all TCP data between sessions in Attachmate's Extra! Personal Client (TN3270, TN5250 or Telnet) and their respective host systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/146", "Certificate Number": "146", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Crypto Environment (ACCE) SV and BE", "Module Type": "Hardware", "Validation Date": "04/23/200107/18/200107/22/200210/04/200204/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp146.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/146", "detail_available": true, "module_name": "Advanced Configurable Crypto Environment (ACCE) SV and BE", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/145", "Certificate Number": "145", "Vendor Name": "SafeNet, Inc.", "Module Name": "NetHawk VPN", "Module Type": "Hardware", "Validation Date": "04/23/200107/18/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp145.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/145", "detail_available": true, "module_name": "NetHawk VPN", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cylink NetHawk is a hardware-based, multiple-chip standalone Virtual Private Network (VPN) device that provides authenticated, encrypted network communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/144", "Certificate Number": "144", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta USB", "Module Type": "Hardware", "Validation Date": "04/16/200107/03/200101/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp144.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/144", "detail_available": true, "module_name": "Rosetta USB", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and using FIPS Approved algorithms and processes as listed", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple \"plug and play\" ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/143", "Certificate Number": "143", "Vendor Name": "Algorithmic Research Ltd.", "Module Name": "PrivateWire Client", "Module Type": "Software", "Validation Date": "04/16/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp143.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/143", "detail_available": true, "module_name": "PrivateWire Client", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "PrivateWire is a software product that enables secure communication between organizations and private users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/142", "Certificate Number": "142", "Vendor Name": "Algorithmic Research Ltd.", "Module Name": "PrivateWire Security Gateway", "Module Type": "Software", "Validation Date": "04/16/200107/15/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp142.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/142", "detail_available": true, "module_name": "PrivateWire Security Gateway", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "PrivateWire is a software product that enables secure communication between organizations and private users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/141", "Certificate Number": "141", "Vendor Name": "V-ONE Corporation, Inc.", "Module Name": "SmartPass FIPS Token", "Module Type": "Software", "Validation Date": "04/02/200109/14/200110/09/200106/18/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp141.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/141", "detail_available": true, "module_name": "SmartPass FIPS Token", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "V-ONE’s SmartPass (client) contains the same software-based cryptographic algorithms (3DES) utilized in all V-ONE products including its SmartGate and SmartGuard family of servers.\" \"Citrix Systems, Inc. makes SmartPass available under a private label licensing agreement as their Citrix Extranet Client" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/140", "Certificate Number": "140", "Vendor Name": "Ensuredmail, Inc.", "Module Name": "Ensuredmail, v1.0", "Module Type": "Software", "Validation Date": "03/29/200105/20/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp140.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/140", "detail_available": true, "module_name": "Ensuredmail, v1.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "The KEK is limited to keys derived from a hash of a six-character password.", "module_type": "Software", "embodiment": "Multi-chip embedded", "description": "Turnkey, enterprise software that enables two-way secure e-mail communication, even with attachments, without requiring the recipients to install any software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/139", "Certificate Number": "139", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Frame Encryptor II", "Module Type": "Hardware", "Validation Date": "03/14/200105/09/200107/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp139.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/139", "detail_available": true, "module_name": "Cylink Frame Encryptor II", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/138", "Certificate Number": "138", "Vendor Name": "Novell, Inc.", "Module Name": "Novell International Cryptographic Infrastructure (NICI)Controlled Cryptographic Service (CCS) Client, v2.0", "Module Type": "Software", "Validation Date": "03/14/200101/31/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp138.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/138", "detail_available": true, "module_name": "Novell International Cryptographic Infrastructure (NICI) Controlled Cryptographic Service (CCS) Client, v2.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "NICI is Novell's software-based cryptographic infrastructure for Novell products.", "algorithms": [ "DES", "HMAC", "RSA", "SHA", "TLS" ] }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/137", "Certificate Number": "137", "Vendor Name": "Research In Motion Ltd.", "Module Name": "BlackBerry 850/857and BlackBerry 950/957Cryptographic Kernel", "Module Type": "Firmware", "Validation Date": "03/01/200106/03/200208/24/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp137.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/137", "detail_available": true, "module_name": "BlackBerry 850/857 and BlackBerry 950/957 Cryptographic Kernel", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "The BlackBerry crypto firmware v2.1, common to both the BlackBerry 850/857 and the BlackBerry 950/957, securely compresses and encrypts messages with Triple-DES. Following this procedure, the ciphertext is transmitted over the Internet to the recipient mail server. Upon receiving the message, the mail server decrypts and decompresses the ciphertext back to the original plaintext. The BlackBerry crypto firmware is messaging-system independent." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/136", "Certificate Number": "136", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "NetFortress® 10 / MAIP", "Module Type": "Hardware", "Validation Date": "01/18/200103/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp136.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/136", "detail_available": true, "module_name": "NetFortress® 10 / MAIP", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When factory configured in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetFortress® 10 / MAIP is a tamper-resistant network communications security solution that establishes private communications between corporate divisions, branch offices, and mobile users. It integrates seamlessly and economically into any LAN and WAN environment for optimum flexibility and scalability. NetFortress 10’s security feature set includes encryption, data integrity checking, authentication, access control, data compression and firewall capabilities. It is compliant with IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/135", "Certificate Number": "135", "Vendor Name": "Neopost Technologies", "Module Name": "IJ25 Secure Metering Module (SMM)", "Module Type": "Hardware", "Validation Date": "01/18/200110/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp135.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/135", "detail_available": true, "module_name": "IJ25 Secure Metering Module (SMM)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides services to a tabletop mailing system designed primarily for the small office/home office environment. Features include manually inserted/removed mail; indicium printed at maximum of 1200 envelopes per hour; internal modem for remote re-crediting; scale interface; Memory Card interface to load slogans, scale rates and class indication; capacity for 10 slogans or advert images; ink jet technology." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/134", "Certificate Number": "134", "Vendor Name": "PSI Systems, Inc.", "Module Name": "Postal Cryptographic Coprocessor", "Module Type": "Hardware", "Validation Date": "01/18/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp134.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/134", "detail_available": true, "module_name": "Postal Cryptographic Coprocessor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "This module provides the services to support high-speed, secure micro-transactions, including the production and verification of United States Postal Service Information-Based Indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/133", "Certificate Number": "133", "Vendor Name": "Neopost Technologies", "Module Name": "N18D Postage Meter", "Module Type": "Hardware", "Validation Date": "01/16/200110/03/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp133.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/133", "detail_available": true, "module_name": "N18D Postage Meter", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The N18D module is a postage meter supporting accounting and cryptographic functions for secure electronic transactions. Associated to a document transport system and an inkjet print-head, the module is capable of producing up to 180 envelopes per minute." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/132", "Certificate Number": "132", "Vendor Name": "Neopost Online, Inc.", "Module Name": "Secure Metering Device / Series II (SMD-II)", "Module Type": "Hardware", "Validation Date": "01/16/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp132.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/132", "detail_available": true, "module_name": "Secure Metering Device / Series II (SMD-II)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Secure Metering Device / Series 2 (SMD-II) is an electronic device developed by Neopost Online that securely loads, stores, and dispenses revenue. The SMD-II is designed to meet the applicable USPS IBIP specifications for postage meters. The SMD-II attaches to and communicates with the host computer via a serial interface. The revenue is dispensed from the SMD-II to the host computer in the form of a digitally signed indicium, a unique bit pattern that can be determined to have originated from a particular SMD-II at a particular point in time." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/131", "Certificate Number": "131", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ E1-120ohms and Link Encryptor NRZ T1", "Module Type": "Hardware", "Validation Date": "01/10/200109/14/200105/15/200207/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp131.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/131", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ E1-120ohms and Link Encryptor NRZ T1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/130", "Certificate Number": "130", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, v5.1", "Module Type": "Software", "Validation Date": "12/20/200007/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp130.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/130", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, v5.1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust® family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/129", "Certificate Number": "129", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield SCSI Ultrasignand nShield SCSICryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "12/20/200009/14/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp129.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/129", "detail_available": true, "module_name": "nShield SCSI Ultrasign and nShield SCSI Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of tamper resistent Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/128", "Certificate Number": "128", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 300, nShield 150and nShield 75Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "12/20/200009/14/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp128.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/128", "detail_available": true, "module_name": "nShield 300, nShield 150 and nShield 75 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nShield range of tamper resistent Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/127", "Certificate Number": "127", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce SCSI 400and nForce SCSI 150Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "12/20/200009/14/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp127.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/127", "detail_available": true, "module_name": "nForce SCSI 400 and nForce SCSI 150 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce family of secure e-commerce accelerators improves data security and increases server transaction throughput in applications using the Secure Socket Layer (SSL) protocol such as secure web servers, or application servers that process secure transactions. nForce provides hardware key storage in addition to off-loading the SSL cryptographic processing from the host CPU." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/126", "Certificate Number": "126", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 300, nForce 150and nForce 75Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "12/20/200009/14/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp126.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/126", "detail_available": true, "module_name": "nForce 300, nForce 150 and nForce 75 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nForce family of secure e-commerce accelerators improves data security and increases server transaction throughput in applications using the Secure Socket Layer (SSL) protocol such as secure web servers, or application servers that process secure transactions. nForce provides hardware key storage in addition to off-loading the SSL cryptographic processing from the host CPU." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/125", "Certificate Number": "125", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nForce 300, nForce 150and nForce 75Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "12/20/200003/01/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp125.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/125", "detail_available": true, "module_name": "nForce 300, nForce 150 and nForce 75 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The nCipher nFast/nForce/nShield range of hardware cryptographic accelerators increases server throughput in data security and electronic commerce applications such as: secure Web sites, financial transactions over the Internet, authenticated access to intranets and extranets, certification authorities and digital signatures, secure messaging including X.400/EDI." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/124", "Certificate Number": "124", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 2000 (DC2K) X.25 / IP / ATM", "Module Type": "Hardware", "Validation Date": "12/07/200001/08/200305/19/200310/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp124.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/124", "detail_available": true, "module_name": "Datacryptor® 2000 (DC2K) X.25 / IP / ATM", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When key zeroization is enabled", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor 2000 is a stand-alone multi-chip cryptographic module that secures communications using signed Diffie-Hellman key exchange and Triple-DES encryption. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/123", "Certificate Number": "123", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Crypto Environment - Security Processor (ACCE SP and ACCE SP2)", "Module Type": "Hardware", "Validation Date": "12/07/200011/05/200111/09/200112/04/200107/22/200210/04/200204/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp123.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/123", "detail_available": true, "module_name": "Advanced Configurable Crypto Environment - Security Processor (ACCE SP and ACCE SP2)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ACCE SP & SP2 provide highly-secure cryptographic services and key storage. They are used in a range of AEP Networks and OEM products along with an application (the single user of the module) to provide custom functionality. Example uses are the Europay NSP (ACCE SP) and Europay ESP (ACCE SP2) which were developed for Europay, a major European financial institution." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/122", "Certificate Number": "122", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758-013 PCI Cryptographic Coprocessor with CP/Q++\n(Layer 2)", "Module Type": "Hardware", "Validation Date": "11/15/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp122.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/122", "detail_available": true, "module_name": "IBM 4758-013 PCI Cryptographic Coprocessor with CP/Q++ (Layer 2)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When configured for DSS Authentication and using the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 secure coprocessor is a state-of-the-art, tamper-sensing and responding, programmable PCI card. Its specialized cryptographic electronics, along with a microprocessor, memory, and random number generator are housed within a tamper-responding environment to provide a highly secure subsystem in which data processing and cryptography can be performed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/121", "Certificate Number": "121", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758-001 PCI Cryptographic Coprocessor with CP/Q++\n(Layer 2)", "Module Type": "Hardware", "Validation Date": "11/15/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp121.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/121", "detail_available": true, "module_name": "IBM 4758-001 PCI Cryptographic Coprocessor with CP/Q++ (Layer 2)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When configured for DSS Authentication and using the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 secure coprocessor is a state-of-the-art, tamper-sensing and responding, programmable PCI card. Its specialized cryptographic electronics, along with a microprocessor, memory, and random number generator are housed within a tamper-responding environment to provide a highly secure subsystem in which data processing and cryptography can be performed." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/120", "Certificate Number": "120", "Vendor Name": "Alcatel", "Module Name": "TimeStep PERMIT/Gate™ 7520 series 20 and 30 / Alcatel 7137", "Module Type": "Hardware", "Validation Date": "10/12/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp120.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/120", "detail_available": true, "module_name": "TimeStep PERMIT/Gate™ 7520 series 20 and 30 / Alcatel 7137", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS-compliant \"Secure\" and \"Minimum\" modes", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TimeStep PERMIT/Gate™ line of products (also referred to as the Alcatel Secure VPN Gateway) is a network appliance that provides IPSec compliant VPN services. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/119", "Certificate Number": "119", "Vendor Name": "Alcatel", "Module Name": "TimeStep PERMIT/Gate™ 1520 series 50 / Alcatel 7132;TimeStep PERMIT/Gate™ 2520 series 40 and 50 / Alcatel 7133;TimeStep PERMIT/Gate™ 4520 series 40 and 50; andTimeStep PERMIT/Gate™ 4620 series 40 and 50 / Alcatel 7134", "Module Type": "Hardware", "Validation Date": "10/12/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp119.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/119", "detail_available": true, "module_name": "TimeStep PERMIT/Gate™ 1520 series 50 / Alcatel 7132; TimeStep PERMIT/Gate™ 2520 series 40 and 50 / Alcatel 7133; TimeStep PERMIT/Gate™ 4520 series 40 and 50; and TimeStep PERMIT/Gate™ 4620 series 40 and 50 / Alcatel 7134", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS-compliant \"Secure\" and \"Minimum\" modes", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The TimeStep PERMIT/Gate™ line of products (also referred to as the Alcatel Secure VPN Gateway) is a network appliance that provides IPSec compliant VPN services. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/118", "Certificate Number": "118", "Vendor Name": "IBM® Corporation", "Module Name": "IBM eServer zSeries 900 CMOS Cryptographic Coprocessor", "Module Type": "Hardware", "Validation Date": "09/26/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp118.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/118", "detail_available": true, "module_name": "IBM eServer zSeries 900 CMOS Cryptographic Coprocessor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When configured for External Key Entry", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Technology remap encryption module for the IBM eServer zSeries 900 system that provides improved throughput performance over the previous part numbers of the IBM S/390 CMOS Cryptographic Coprocessor (FIPS 140-1 cert. #40)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/117", "Certificate Number": "117", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758-023 PCI Cryptographic Coprocessor\n(Miniboot Layers 0 and 1)", "Module Type": "Hardware", "Validation Date": "09/18/200008/08/200209/23/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp117.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/117", "detail_available": true, "module_name": "IBM 4758-023 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When configured for DSS Authentication", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/116", "Certificate Number": "116", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758-002 PCI Cryptographic Coprocessor\n(Miniboot Layers 0 and 1)", "Module Type": "Hardware", "Validation Date": "09/18/200008/08/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp116.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/116", "detail_available": true, "module_name": "IBM 4758-002 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When configured for DSS Authentication", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is available for use in typical PC servers and as and as features in IBM eServer iSeries, pSeries, and zSeries servers." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/115", "Certificate Number": "115", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Secure Generic Sub-System (SGSS)", "Module Type": "Hardware", "Validation Date": "09/13/200001/08/200305/09/200305/19/200303/21/200504/05/200510/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp115.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/115", "detail_available": true, "module_name": "Secure Generic Sub-System (SGSS)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure system initialization for a cryptographic device, such as the Datacryptor 2000, WebSentry and HSM products. The module contains a secure bootstrap and authenticates application-loading using the Digital Signature Algorithm (DSA)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/114", "Certificate Number": "114", "Vendor Name": "Technical Communications Corporation", "Module Name": "CipherX 7200", "Module Type": "Hardware", "Validation Date": "09/13/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp114.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/114", "detail_available": true, "module_name": "CipherX 7200", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The CipherX 7200 offers centrally managed end-to-end security that can seamlessly integrate into Internet Protocol (IP) Wide Area Networks (WANs) and Local Area Networks (LANs) providing secure Virtual Private Network (VPN) solutions. The Cipher X 7200 supports encryption, authentication, firewall and secure community capabilities to enable flexible transparent end-to-end network security." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/113", "Certificate Number": "113", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink ATM Encryptor", "Module Type": "Hardware", "Validation Date": "09/13/200006/17/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp113.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/113", "detail_available": true, "module_name": "Cylink ATM Encryptor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink ATM Encryptors secure sensitive data transmitted over high-speed ATM networks. The system supports full wirespeed encryption at data rates from 1.5Mbps to 622 Mbps over public and private networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/112", "Certificate Number": "112", "Vendor Name": "AEP Networks", "Module Name": "Advanced Configurable Crypto Environment (ACCE)", "Module Type": "Hardware", "Validation Date": "09/08/200007/18/200107/22/200210/04/200204/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp112.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/112", "detail_available": true, "module_name": "Advanced Configurable Crypto Environment (ACCE)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family. There are two versions available: Version 1.3G1 will power-down and zeroize the SMK if the module's temperature exceeds the specified operational temperature range. Version 1.3G2 will power-down and zeroize the SMK when the specified operational temperature is exceeded, and zeroize the IMK when the storage temperature is exceeded." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/111", "Certificate Number": "111", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1955B Java™-powered Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "08/30/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp111.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/111", "detail_available": true, "module_name": "DS1955B Java™-powered Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When using vendor-configured with the FIPS 140-1 Applet", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Dallas Semiconductor 1955 Java-Powered Cryptographic iButton, when operated in FIPS mode, provides SHA-1 hashing, identity-based challenge-response authentication, statistical random number generator tests, and a SHA-1 known answer test. When not operated in FIPS mode, the device provides more cryptographic services such as a high-speed math accelerator for 1024-bit public key cryptography. The module's single silicon chip is encased in a stainless steel button which is rugged enough to withstand harsh outdoor environments." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110", "Certificate Number": "110", "Vendor Name": "Microsoft Corporation", "Module Name": "Outlook Cryptographic Provider (EXCHCSP)", "Module Type": "Software", "Validation Date": "08/15/200010/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110", "detail_available": true, "module_name": "Outlook Cryptographic Provider (EXCHCSP)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The Microsoft Outlook Cryptographic Provider (EXCHCSP) is a FIPS 140-1 Level 1 compliant general-purpose software-based cryptographic module. EXCHCSP encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-1 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/109", "Certificate Number": "109", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Secure Integrated VPN", "Module Type": "Hardware", "Validation Date": "08/01/200001/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp109.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/109", "detail_available": true, "module_name": "Secure Integrated VPN", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When configured in a FIPS mode of operation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 3640, 7140, and 7206 Secure Integrated VPNs are routers that provide data protection on a network providing packet encryption. The modules perform all of the functions of a typical router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules, providing a secure connection at the packet level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/108", "Certificate Number": "108", "Vendor Name": "L-3 Communication Systems", "Module Name": "Privatel™ Model 960v", "Module Type": "Hardware", "Validation Date": "08/01/200009/18/200004/21/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp108.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/108", "detail_available": true, "module_name": "Privatel™ Model 960v", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Privatel™ Model 960v provides security for voice telephony applications. The Privatel™ product is an applique to an existing office telephone that provides voice coding, traffic encryption, key management, and modem functions. The module uses the strongest commercially-available cryptography, which provides end-to-end secure communications that protect telephone conversations from eavesdropping and unauthorized monitoring and recording, displaying a unique Key Fingerprint during every secure session." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/107", "Certificate Number": "107", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Frame Encryptor CFE-H and Frame Encryptor CFE-L", "Module Type": "Hardware", "Validation Date": "07/31/200003/12/200107/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp107.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/107", "detail_available": true, "module_name": "Cylink Frame Encryptor CFE-H and Frame Encryptor CFE-L", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106", "Certificate Number": "106", "Vendor Name": "Microsoft Corporation", "Module Name": "Kernel Mode Cryptographic Module (FIPS.SYS)", "Module Type": "Software", "Validation Date": "07/31/200010/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106", "detail_available": true, "module_name": "Kernel Mode Cryptographic Module (FIPS.SYS)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft's Kernel Mode Cryptographic Module (FIPS.SYS) is a general-purpose, software-based cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/105", "Certificate Number": "105", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232", "Module Type": "Hardware", "Validation Date": "07/31/200009/14/200105/15/200207/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp105.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/105", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/104", "Certificate Number": "104", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ-H and Link Encryptor NRZ-L", "Module Type": "Hardware", "Validation Date": "07/31/200009/14/200105/15/200207/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp104.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/104", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ-H and Link Encryptor NRZ-L", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103", "Certificate Number": "103", "Vendor Name": "Microsoft Corporation", "Module Name": "Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "07/10/200012/14/200107/31/200210/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103", "detail_available": true, "module_name": "Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/102", "Certificate Number": "102", "Vendor Name": "Cryptek, Inc.", "Module Name": "DiamondNIC and DiamondLINK", "Module Type": "Hardware", "Validation Date": "07/10/200011/20/200002/15/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp102.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/102", "detail_available": true, "module_name": "DiamondNIC and DiamondLINK", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "DiamondNIC and DiamondLINK provide a cost-effective and flexible end-to-end network security solution for the LAN, WAN, or Internet. They not only provide a high level of trust and data separation through the established end-to-end session, they additionally provide added levels of security by bringing firewall filtering functionality to the desktop. These modules provide strong I&A and user selectable/dynamically downloaded security policies to the desktop." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/101", "Certificate Number": "101", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954B-007 Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "06/22/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp101.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/101", "detail_available": true, "module_name": "DS1954B-007 Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When using vendor-initialized SHA-1 in transaction group 1", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/100", "Certificate Number": "100", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "NetFortress® 10", "Module Type": "Hardware", "Validation Date": "06/22/200003/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp100.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/100", "detail_available": true, "module_name": "NetFortress® 10", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When factory configured in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The NetFortress® 10 is a tamper-resistant network communications security solution that establishes private communications between corporate divisions, branch offices, and mobile users. It integrates seamlessly and economically into any LAN and WAN environment for optimum flexibility and scalability. NetFortress 10’s security feature set includes encryption, data integrity checking, authentication, access control, data compression and firewall capabilities. It is compliant with IPSec." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/99", "Certificate Number": "99", "Vendor Name": "Cisco Systems, Inc.", "Module Name": "Cisco Secure Integrated VPN", "Module Type": "Hardware", "Validation Date": "06/13/200006/22/200001/10/200305/24/200505/28/201002/23/2012", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp99.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/99", "detail_available": true, "module_name": "Cisco Secure Integrated VPN", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When configured in a FIPS mode of operation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Cisco 2621 Modular Access Router supports the full IOS feature set including advanced security features such as Virtual Private Network (VPN) Access and integrated Firewall protection. The Cisco 2621 supports multiple encrypted tunnels using Cisco IOS IPSec and DES/3DES encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/98", "Certificate Number": "98", "Vendor Name": "Nortel Networks", "Module Name": "Contivity Extranet Switch", "Module Type": "Hardware", "Validation Date": "05/23/200009/20/200112/06/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp98.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/98", "detail_available": true, "module_name": "Contivity Extranet Switch", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in the 'FIPS-enabled' mode using FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Contivity 4500 Extranet Switch provides up to 5000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. 5 PCI expansion slots, dual 10/100 LAN ports, dual redundant power supplies and storage, unlimited IPSEC client licenses." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/97", "Certificate Number": "97", "Vendor Name": "Stamps.com", "Module Name": "Postage Server Cryptomodule", "Module Type": "Hardware", "Validation Date": "05/18/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp97.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/97", "detail_available": true, "module_name": "Postage Server Cryptomodule", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides the services to support high-speed, highly secure E-commerce transactions, including the production and verification of United States Postal Service Information-Based Indicia." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/96", "Certificate Number": "96", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "ClickStamp™ Online Client Cryptographic Module (CCM)", "Module Type": "Software", "Validation Date": "05/18/2000", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp96.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/96", "detail_available": true, "module_name": "ClickStamp™ Online Client Cryptographic Module (CCM)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/95", "Certificate Number": "95", "Vendor Name": "SPYRUS, Inc.", "Module Name": "Rosetta Smart Card", "Module Type": "Hardware", "Validation Date": "05/08/200001/01/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp95.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/95", "detail_available": true, "module_name": "Rosetta Smart Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The SPYRUS Rosetta Smart Card is an ISO 7816 compliant public key smart card based upon the SPYCOS card operating system." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/94", "Certificate Number": "94", "Vendor Name": "SafeNet, Inc.", "Module Name": "SignaSURE Model 330 Smart Card", "Module Type": "Hardware", "Validation Date": "05/08/200002/22/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp94.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/94", "detail_available": true, "module_name": "SignaSURE Model 330 Smart Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When using the 'FIPS-mode Configuration File'", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The SignaSURE Model 330 Smart Card is a complete public key cryptographic module that is ISO 7816 compliant. This module supports PKI with a highly efficient cryptographic co-processor and the DKCCOS v2.0 smart card OS. The OS is extensible and allows new algorithms to be added." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/93", "Certificate Number": "93", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, v5.0 and v5.0a", "Module Type": "Software", "Validation Date": "04/20/200007/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp93.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/93", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, v5.0 and v5.0a", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust® family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/92", "Certificate Number": "92", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet CGX (Crypto Graphic eXtensions) Library", "Module Type": "Software", "Validation Date": "04/07/200011/20/200007/02/200210/19/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp92.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/92", "detail_available": true, "module_name": "SafeNet CGX (Crypto Graphic eXtensions) Library", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the FIPS-Approved algorithms listed [in the description column]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SafeNet CGX (Crypto Graphic eXtensions) cryptographic module is used in the SafeNet product line including S/Speed, S/Smart, S/Soft, PCI Card as well as the ADSP 2141 Safenet/DSP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/91", "Certificate Number": "91", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet CGX (Crypto Graphic eXtensions) Library", "Module Type": "Software", "Validation Date": "04/07/200011/20/200007/02/200210/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp91.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/91", "detail_available": true, "module_name": "SafeNet CGX (Crypto Graphic eXtensions) Library", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the FIPS-Approved algorithms listed [in the description column]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The SafeNet CGX (Crypto Graphic eXtensions) cryptographic module is used in the SafeNet product line including S/Speed, S/Smart, S/Soft, PCI Card as well as the ADSP 2141 Safenet/DSP." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/90", "Certificate Number": "90", "Vendor Name": "Oracle Corporation", "Module Name": "Oracle® Advanced Security", "Module Type": "Software", "Validation Date": "03/21/200004/04/200207/07/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp90.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/90", "detail_available": true, "module_name": "Oracle® Advanced Security", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode using the FIPS Approved algorithms [listed in the description column]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Oracle® Advanced Security is a comprehensive suite of security features for distributed environments. It provides a single source of integration with network encryption, authentication, and single sign-on services, delivers PKI solutions and integrates with LDAP directories. Oracle® Advanced Security is an option available with Oracle8i™ Enterprise Edition." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/89", "Certificate Number": "89", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "BSAFE Crypto-C Toolkit, Version 4.31", "Module Type": "Software", "Validation Date": "03/21/200001/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp89.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/89", "detail_available": true, "module_name": "BSAFE Crypto-C Toolkit, Version 4.31", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms listed [in the description column]", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cryptographic Toolkit provides cryptographic services to calling applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/88", "Certificate Number": "88", "Vendor Name": "Motorola, Inc.", "Module Name": "Key Management Facility / Radio Network Controller (KMF/RNC) Encryption Module Controller (EMC)", "Module Type": "Hardware", "Validation Date": "02/23/2000", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp88.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/88", "detail_available": true, "module_name": "Key Management Facility / Radio Network Controller (KMF/RNC) Encryption Module Controller (EMC)", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RNC 3000 provides data communications between mobile data and host applications in an ASTRO integrated voice and data system. The RNC Encryption Module Controller provides data encryption services for the RNC 3000." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/87", "Certificate Number": "87", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nShield 300, nShield 150and nShield 75Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "01/18/200003/01/200103/09/200603/15/2006", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp87.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/87", "detail_available": true, "module_name": "nShield 300, nShield 150 and nShield 75 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/86", "Certificate Number": "86", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO-TAC Digital Interface Unit (DIU) Encryption Module Controller (EMC)", "Module Type": "Hardware", "Validation Date": "01/05/2000", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp86.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/86", "detail_available": true, "module_name": "ASTRO-TAC Digital Interface Unit (DIU) Encryption Module Controller (EMC)", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASTRO DIU provides an interface between an analog console and an ASTRO base station or ASTRO-TAC comparator for ASTRO clear and analog two-way radio communications. The DIU EMC is available as an option with ASTRO DIUs to provide encryption capability. The DIU will then support ASTRO encrypted two-way radio communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/85", "Certificate Number": "85", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, v5.0", "Module Type": "Software", "Validation Date": "01/07/200007/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp85.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/85", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, v5.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/84", "Certificate Number": "84", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "ClickStamp™ Online CCV", "Module Type": "Hardware", "Validation Date": "12/22/199908/21/2001", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp84.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/84", "detail_available": true, "module_name": "ClickStamp™ Online CCV", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/83", "Certificate Number": "83", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232", "Module Type": "Hardware", "Validation Date": "12/22/199912/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp83.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/83", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/82", "Certificate Number": "82", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "12/22/199903/30/200108/17/200110/04/200105/15/200209/10/2002", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp82.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/82", "detail_available": true, "module_name": "ASTRO Subscriber Encryption Module", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm Universal Crypto Module (UCM), (v3.44)", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Encryption modules used in Motorola Astro™ Saber, Astro™ Spectra, Astro™ Consolette, and XTS3000 radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/81", "Certificate Number": "81", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758 PCI Cryptographic Coprocessor\n(Miniboot Layers 0 and 1)", "Module Type": "Hardware", "Validation Date": "11/29/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp81.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/81", "detail_available": true, "module_name": "IBM 4758 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/80", "Certificate Number": "80", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954B-006 Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "11/29/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp80.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/80", "detail_available": true, "module_name": "DS1954B-006 Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When using vendor-initialized SHA-1 in transaction group 1) (Note: This validation supersedes validation certificate #63", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/79", "Certificate Number": "79", "Vendor Name": "Motorola, Inc.", "Module Name": "KVL 3000", "Module Type": "Hardware", "Validation Date": "11/29/1999", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp79.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/79", "detail_available": true, "module_name": "KVL 3000", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The KVL3000 Key Variable Loader is a battery-powered portable unit used to create, store, and transfer encryption keys used by Motorola's secure communications products. The KVL3000 supports the following Motorola encryption protocols: SECURENET™, Advanced SECURENET™, ASTRO™, and ASTRO™25 systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/78", "Certificate Number": "78", "Vendor Name": "SPYRUS, Inc.", "Module Name": "LYNKS Privacy Card", "Module Type": "Hardware", "Validation Date": "11/29/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp78.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/78", "detail_available": true, "module_name": "LYNKS Privacy Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The SPYRUS family of LYNKS Privacy Card tokens provides high performance, high assurance cryptographic processing in a personal, portable PC card form factor. The LYNKS Privacy Card product enables security- critical capabilities such as user authentication, message privacy and integrity, authentication, and secure storage in rugged, tamper-evident hardware." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/77", "Certificate Number": "77", "Vendor Name": "Attachmate Corporation", "Module Name": "CryptoConnect ETS", "Module Type": "Software", "Validation Date": "11/29/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp77.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/77", "detail_available": true, "module_name": "CryptoConnect ETS", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "CryptoConnect ETS is an INFOConnect transport system that provides encryption of all data between Attachmate's PEP/UTS client and Unisys 2200/ClearPath/IX Systems." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76", "Certificate Number": "76", "Vendor Name": "Microsoft Corporation", "Module Name": "Base DSS Cryptographic Provider,\nBase Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "11/09/199910/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76", "detail_available": true, "module_name": "Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75", "Certificate Number": "75", "Vendor Name": "Microsoft Corporation", "Module Name": "Base DSS Cryptographic Provider,\nBase Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "11/09/199910/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75", "detail_available": true, "module_name": "Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/74", "Certificate Number": "74", "Vendor Name": "RedCreek Communications", "Module Name": "Personal Ravlin", "Module Type": "Hardware", "Validation Date": "11/04/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp74.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/74", "detail_available": true, "module_name": "Personal Ravlin", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Personal Ravlin is a cost-effective network security solution. It addresses the needs of individual remote users who access corporations via cable, xDSL, and ISDN modems. It is also an ideal solution for network administrators who seek to establish private communications within a corporate intranet by providing security at the desktop level." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/73", "Certificate Number": "73", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ-L", "Module Type": "Hardware", "Validation Date": "10/25/199912/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp73.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/73", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ-L", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/72", "Certificate Number": "72", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ-H", "Module Type": "Hardware", "Validation Date": "10/25/199912/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp72.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/72", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ-H", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/71", "Certificate Number": "71", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Frame Encryptor CFE-L", "Module Type": "Hardware", "Validation Date": "09/13/199912/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp71.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/71", "detail_available": true, "module_name": "Cylink Frame Encryptor CFE-L", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/70", "Certificate Number": "70", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Frame Encryptor CFE-H", "Module Type": "Hardware", "Validation Date": "09/13/199907/18/200212/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp70.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/70", "detail_available": true, "module_name": "Cylink Frame Encryptor CFE-H", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/69", "Certificate Number": "69", "Vendor Name": "Mykotronx, Inc.", "Module Name": "FORTEZZA Crypto Card", "Module Type": "Hardware", "Validation Date": "09/13/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp69.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/69", "detail_available": true, "module_name": "FORTEZZA Crypto Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Mykotronx FORTEZZA card is a PC Card hardware token for advanced cryptography and authorization methods. The card incorporates the National Security Agency-certified CAPSTONE RISC-based cryptographic processor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68", "Certificate Number": "68", "Vendor Name": "Microsoft Corporation", "Module Name": "Base Cryptographic Provider, Enhanced Cryptographic Provider, Base DSS Cryptographic Provider, and DSS/Diffie-Hellman Enchanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "09/13/199910/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68", "detail_available": true, "module_name": "Base Cryptographic Provider, Enhanced Cryptographic Provider, Base DSS Cryptographic Provider, and DSS/Diffie-Hellman Enchanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/67", "Certificate Number": "67", "Vendor Name": "Admiral Secure Products, Ltd.", "Module Name": "CERTIFAX Fax Encryptor CF3102", "Module Type": "Firmware", "Validation Date": "09/13/199910/24/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp67.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/67", "detail_available": true, "module_name": "CERTIFAX Fax Encryptor CF3102", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode using the listed FIPS-approved algorithms, and Triple DES not valid for FS1000 interoperability", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX ensures faxes get to the intended recipient every time, that the contents are never disclosed to unauthorized parties, that the sender is who it claims to be, and that the message is always kept private and unaltered. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX's secure mailbox memory provides storage and retrieval for incoming faxes, and CERTIFAX can support up to 99 secure Virtual Private Fax Networks. The CF3102 also implements a non-FIPS mode for communications with Certicom's Legacy Fax Secret 1000 fax encryptor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/66", "Certificate Number": "66", "Vendor Name": "Thales e-Security Inc.", "Module Name": "Datacryptor® 2000 (DC2K) Link / Channelized / Frame Relay", "Module Type": "Hardware", "Validation Date": "09/08/199901/08/200305/19/200310/13/2005", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp66.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/66", "detail_available": true, "module_name": "Datacryptor® 2000 (DC2K) Link / Channelized / Frame Relay", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When key zeroization is enabled", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Datacryptor 2000 is a stand-alone multi-chip cryptographic module that secures communications using signed Diffie-Hellman key exchange and Triple-DES encryption. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/65", "Certificate Number": "65", "Vendor Name": "RedCreek Communications", "Module Name": "Ravlin 10", "Module Type": "Hardware", "Validation Date": "09/08/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp65.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/65", "detail_available": true, "module_name": "Ravlin 10", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The Ravlin 10/5100 is a network security solution that performs encryption and decryption with a throughput of the theoretical maximum of Ethernet (or wire speed). Network administrators use it to establish private communications within secure intranets (between corporate divisions, workgroups, branch offices, and individuals) or within secure extranets (between customers, suppliers, and strategic partners). This may be done over private or public IP networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/64", "Certificate Number": "64", "Vendor Name": "PGP Corporation", "Module Name": "PGP Cryptographic SDK", "Module Type": "Software", "Validation Date": "08/26/199902/20/200303/07/200807/28/2008", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp64.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/64", "detail_available": true, "module_name": "PGP Cryptographic SDK", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode using the listed FIPS-approved algorithms and using Triple DES", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "The PGP SDK provides all cryptographic and key management functionality for the PGP suite of products, including PGP Desktop Security, PGPnet VPN Client, PGPdisk and the PGP Certificate Server. This is a high-level toolkit for use with C/C++ applications on Windows. It also supports PGP/MIME, TLS, Certificate Server management, LDAP, and Blakely-Shamir Key Splitting, as well as many user interface components for simple integration into other applications. PGP SDK implements only strong cryptography, and the source code is published in book form for peer review." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/63", "Certificate Number": "63", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954B Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "08/26/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp63.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/63", "detail_available": true, "module_name": "DS1954B Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When using vendor-initialized SHA-1 in transaction group 1) (Note: This validation is superseded by validation certificate #80", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/62", "Certificate Number": "62", "Vendor Name": "Francotyp-Postalia GmbH", "Module Name": "Francotyp-Postalia Security Module (FPSM)", "Module Type": "Hardware", "Validation Date": "08/17/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp62.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/62", "detail_available": true, "module_name": "Francotyp-Postalia Security Module (FPSM)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode using using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The FPSM is a multi-chip embedded cryptomodule. The FPSM is embedded in Postage Meters and provides security services to support the secure accounting and cryptographic functions necessary to implement a value evidencing apparatus." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/61", "Certificate Number": "61", "Vendor Name": "Kasten Chase Applied Research, Ltd.", "Module Name": "Palladium Secure Modem / FORTEZZA CryptoCard", "Module Type": "Hardware", "Validation Date": "08/11/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp61.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/61", "detail_available": true, "module_name": "Palladium Secure Modem / FORTEZZA CryptoCard", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/60", "Certificate Number": "60", "Vendor Name": "Microsoft Corporation", "Module Name": "DSS/Diffie-Hellman Enhanced Cryptographic Provider", "Module Type": "Software", "Validation Date": "08/05/199910/15/2007", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp60.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/60", "detail_available": true, "module_name": "DSS/Diffie-Hellman Enhanced Cryptographic Provider", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Microsoft's DSSENH is a general-purpose software-based cryptographic module. It provides services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/59", "Certificate Number": "59", "Vendor Name": "Admiral Secure Products, Ltd.", "Module Name": "CERTIFAX Fax Encryptor CF3002 and CF3003", "Module Type": "Firmware", "Validation Date": "08/05/199910/24/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp59.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/59", "detail_available": true, "module_name": "CERTIFAX Fax Encryptor CF3002 and CF3003", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Firmware", "embodiment": "Multi-chip standalone", "description": "CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX ensures faxes get to the intended recipient every time, that the contents are never disclosed to unauthorized parties, that the sender is who it claims to be, and that the message is always kept private and unaltered. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX's secure mailbox memory provides storage and retrieval for incoming faxes, and CERTIFAX can support up to 99 secure Virtual Private Fax Networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/58", "Certificate Number": "58", "Vendor Name": "SafeNet, Inc.", "Module Name": "LunaCA³", "Module Type": "Hardware", "Validation Date": "08/05/199909/14/200110/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp58.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/58", "detail_available": true, "module_name": "LunaCA³", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/57", "Certificate Number": "57", "Vendor Name": "SafeNet, Inc.", "Module Name": "LunaCA", "Module Type": "Hardware", "Validation Date": "08/05/199910/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp57.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/57", "detail_available": true, "module_name": "LunaCA", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "LunaCA is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. LunCA is a token based on the PCMCIA standard - now known as PC Card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/56", "Certificate Number": "56", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna2", "Module Type": "Hardware", "Validation Date": "08/08/199909/14/200110/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp56.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/56", "detail_available": true, "module_name": "Luna2", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna2 is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. Luna2 is a token based on the PCMCIA standard - now known as PC Card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/55", "Certificate Number": "55", "Vendor Name": "Admiral Secure Products, Ltd.", "Module Name": "Elliptic Curve Security Module (CLv)", "Module Type": "Hardware", "Validation Date": "06/21/199910/24/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp55.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/55", "detail_available": true, "module_name": "Elliptic Curve Security Module (CLv)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/54", "Certificate Number": "54", "Vendor Name": "TimeStep Corporation", "Module Name": "PERMIT/Gate 2520™ Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/15/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp54.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/54", "detail_available": true, "module_name": "PERMIT/Gate 2520™ Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "PERMIT/Gate 2520™ is a high-speed VPN component of the PERMIT™ Enterprise product suite. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access. The 2520 has 4Mbps throughput." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/53", "Certificate Number": "53", "Vendor Name": "TimeStep Corporation", "Module Name": "PERMIT/Gate 4520™ Cryptographic Module", "Module Type": "Hardware", "Validation Date": "06/15/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp53.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/53", "detail_available": true, "module_name": "PERMIT/Gate 4520™ Cryptographic Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "PERMIT/Gate 4520™ is a high-speed VPN component of the PERMIT™ Enterprise product suite. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access. The 4520 has 10Mbps throughput. The 4520 is the same as the 2520, except that the 4520 has a faster CPU, running at a higher bus frequency." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/52", "Certificate Number": "52", "Vendor Name": "Admiral Secure Products, Ltd.", "Module Name": "CERTIFAX Fax Encryptor CF3001", "Module Type": "Hardware", "Validation Date": "06/15/199910/24/2002", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp52.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/52", "detail_available": true, "module_name": "CERTIFAX Fax Encryptor CF3001", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX can support up to 99 secure Virtual Private Fax Networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/51", "Certificate Number": "51", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "Clickstamp", "Module Type": "Hardware", "Validation Date": "05/10/1999", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp51.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/51", "detail_available": true, "module_name": "Clickstamp", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 3, "caveat": "Validated only for the DES MAC authenticated services: Credit, Put IBIP Data, and Zeroize Keys", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/50", "Certificate Number": "50", "Vendor Name": "RSA, The Security Division of EMC", "Module Name": "BSAFE Crypto-C Toolkit, Version 4.11", "Module Type": "Software", "Validation Date": "04/29/199901/04/200810/16/200809/07/201003/28/201101/24/201302/12/2016", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp50.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/50", "detail_available": true, "module_name": "BSAFE Crypto-C Toolkit, Version 4.11", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Cryptographic Toolkit provides cryptographic services to calling applications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/49", "Certificate Number": "49", "Vendor Name": "Intel Network Systems, Inc.", "Module Name": "LAN Rover VPN Gateway (LRVG) V6.59", "Module Type": "Hardware", "Validation Date": "04/28/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp49.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/49", "detail_available": true, "module_name": "LAN Rover VPN Gateway (LRVG) V6.59", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The LRVG is a network packet encryption device which incorporates firewall and tunneling functionality compatible with a variety of protocols over Ethernet, V.35, and RS-232." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/48", "Certificate Number": "48", "Vendor Name": "SPYRUS, Inc.", "Module Name": "FORTEZZA Crypto Card", "Module Type": "Hardware", "Validation Date": "04/23/199905/14/200106/18/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp48.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/48", "detail_available": true, "module_name": "FORTEZZA Crypto Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SPYRUS's FORTEZZA is a PC Card that is used to provide cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/47", "Certificate Number": "47", "Vendor Name": "Netscape Communications Corporation", "Module Name": "Netscape Security Module 1.01", "Module Type": "Software", "Validation Date": "03/17/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp47.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/47", "detail_available": true, "module_name": "Netscape Security Module 1.01", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode and when correctly implementing the tamper evident mechanism specified in the security policy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Security module used in various Netscape products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/46", "Certificate Number": "46", "Vendor Name": "SPYRUS, Inc.", "Module Name": "LYNKS Metering Device (LMD)", "Module Type": "Hardware", "Validation Date": "03/17/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp46.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/46", "detail_available": true, "module_name": "LYNKS Metering Device (LMD)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/45", "Certificate Number": "45", "Vendor Name": "Netscape Communications Corporation", "Module Name": "Netscape Security Module 1.01", "Module Type": "Software", "Validation Date": "03/17/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp45.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/45", "detail_available": true, "module_name": "Netscape Security Module 1.01", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Security module used in various Netscape products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/44", "Certificate Number": "44", "Vendor Name": "M/A Com, Inc.", "Module Name": "Aegis MR-K I and II\nSystem/Scan RadiosVHF range: 136-174 MHzUHF range: 378-500 MHz800 range: 806-870 MHz", "Module Type": "Hardware", "Validation Date": "03/04/199911/16/200112/06/200104/05/200203/07/200303/13/2003", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp44.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/44", "detail_available": true, "module_name": "Aegis MR-K I and II System/Scan Radios VHF range: 136-174 MHz UHF range: 378-500 MHz 800 range: 806-870 MHz", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The M-RK II System/Scan (AEGIS) and M-RK I handheld personal portable two-way FM radio is a high-quality, high performance FM radio. The radio is synthesized and operates in both trunked (EDACS™) and conventional communications systems. The trunked mode allows selection of either a communications group or an individual radio within a system. Both the selected group and the individual radio are secured through AEGIS digital signaling and DES encryption." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/43", "Certificate Number": "43", "Vendor Name": "SafeNet, Inc.", "Module Name": "Turbo Crypto Card (TCC), v09, 14.04", "Module Type": "Hardware", "Validation Date": "02/17/199912/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp43.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/43", "detail_available": true, "module_name": "Turbo Crypto Card (TCC), v09, 14.04", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Turbo Crypto Card is used in a variety of Cylink's host encryption products, including the Secure Frame Unit (SFU) and the Secure Domain Unit (SDU)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/42", "Certificate Number": "42", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "Segmented NetFortress™ GVPN-S", "Module Type": "Hardware", "Validation Date": "01/27/199903/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp42.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/42", "detail_available": true, "module_name": "Segmented NetFortress™ GVPN-S", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When factory configured in FIPS mode and using Triple-DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "VPN Encryptor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/41", "Certificate Number": "41", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954B Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "01/26/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp41.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/41", "detail_available": true, "module_name": "DS1954B Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When using vendor-initialized SHA-1 in transaction group 1", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/40", "Certificate Number": "40", "Vendor Name": "IBM® Corporation", "Module Name": "IBM S/390 CMOS Cryptographic Coprocessor", "Module Type": "Hardware", "Validation Date": "01/07/1999", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp40.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/40", "detail_available": true, "module_name": "IBM S/390 CMOS Cryptographic Coprocessor", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When configured for External Key Entry", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Encryption module for S/390 CMOS Enterprise Server family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/39", "Certificate Number": "39", "Vendor Name": "Chrysalis-ITS, Incorporated", "Module Name": "Luna2", "Module Type": "Hardware", "Validation Date": "12/08/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp39.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/39", "detail_available": true, "module_name": "Luna2", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple-DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Luna2 is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. Luna2 is a token based on the PCMCIA standard - now known as PC Card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/38", "Certificate Number": "38", "Vendor Name": "SafeNet, Inc.", "Module Name": "LunaCA", "Module Type": "Hardware", "Validation Date": "12/08/199810/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp38.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/38", "detail_available": true, "module_name": "LunaCA", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "LunaCA is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. LunCA is a token based on the PCMCIA standard - now known as PC Card." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/37", "Certificate Number": "37", "Vendor Name": "Motorola, Inc.", "Module Name": "KVL 3000", "Module Type": "Hardware", "Validation Date": "11/25/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp37.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/37", "detail_available": true, "module_name": "KVL 3000", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/36", "Certificate Number": "36", "Vendor Name": "Litronic, Inc.", "Module Name": "Argus/300 Security Adapter", "Module Type": "Hardware", "Validation Date": "11/25/199805/14/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp36.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/36", "detail_available": true, "module_name": "Argus/300 Security Adapter", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Cryptographic Module and Smart Card Reader." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/35", "Certificate Number": "35", "Vendor Name": "IBM® Corporation", "Module Name": "IBM 4758 PCI Cryptographic Coprocessor\n(Miniboot Layers 0 and 1)", "Module Type": "Hardware", "Validation Date": "11/25/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp35.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/35", "detail_available": true, "module_name": "IBM 4758 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 4, "caveat": "When configured for DSS Authentication", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/34", "Certificate Number": "34", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nFast\nnF75KM 1C, nF150KM 1C, and nF300KM 1C\nCryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "11/18/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp34.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/34", "detail_available": true, "module_name": "nFast nF75KM 1C, nF150KM 1C, and nF300KM 1C Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The firmware is used in the nFast series of devices and has been validated on the nFast nF75KM 1C, nF150KM 1C, and nF300KM 1C Cryptographic Accelerators." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/33", "Certificate Number": "33", "Vendor Name": "Fortress™ Technologies, Inc.", "Module Name": "NetFortress™ GVPN", "Module Type": "Hardware", "Validation Date": "11/18/199803/26/201005/17/2013", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp33.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/33", "detail_available": true, "module_name": "NetFortress™ GVPN", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When factory configured in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "VPN Encryptor." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/32", "Certificate Number": "32", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954B Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "10/28/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp32.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/32", "detail_available": true, "module_name": "DS1954B Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When using vendor-initialized SHA-1 in transaction group 1) (Note: This validation has been superseded by validation certificate #41, which meets an Overall Level 3", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/31", "Certificate Number": "31", "Vendor Name": "Neopost Ltd.", "Module Name": "PostagePlus™ Client Communication Module", "Module Type": "Software", "Validation Date": "10/28/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp31.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/31", "detail_available": true, "module_name": "PostagePlus™ Client Communication Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is part of the PostagePlus™ system that provides security services to support the secure accounting and cryptographic functions required to implement the United States Postal Service's Information-Based Indicia Program." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/30", "Certificate Number": "30", "Vendor Name": "Pitney Bowes, Inc.", "Module Name": "PC Meter Cryptographic Module", "Module Type": "Hardware", "Validation Date": "10/02/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp30.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/30", "detail_available": true, "module_name": "PC Meter Cryptographic Module", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 3, "caveat": "Validated only for the DES MAC authenticated services: Credit, Put IBIP Data, and Zeroize Keys", "module_type": "Hardware", "embodiment": "Single-chip", "description": "The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/29", "Certificate Number": "29", "Vendor Name": "SafeNet, Inc.", "Module Name": "LunaCA³", "Module Type": "Hardware", "Validation Date": "10/02/199810/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp29.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/29", "detail_available": true, "module_name": "LunaCA³", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "For services provided by the listed FIPS-Approved algorithms and using Triple DES", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/28", "Certificate Number": "28", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nFast\nnF75CA 00, nF150CA 00, and nF300CA 00 Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "09/22/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp28.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/28", "detail_available": true, "module_name": "nFast nF75CA 00, nF150CA 00, and nF300CA 00 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The firmware is used in the nFast series of devices and has been validated on the nFast nF75CA 00, nF150CA 00, and nF300CA 00 Cryptographic Accelerators." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/27", "Certificate Number": "27", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nFast\nnF75CA 1C, nF150CA 1C, and nF300CA 1C\nCryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "09/22/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp27.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/27", "detail_available": true, "module_name": "nFast nF75CA 1C, nF150CA 1C, and nF300CA 1C Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The firmware is used in the nFast series of devices and has been validated on the nFast nF75CA 1C, nF150CA 1C, and nF300CA 1C Cryptographic Accelerators.." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/26", "Certificate Number": "26", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ-L", "Module Type": "Hardware", "Validation Date": "09/11/199812/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp26.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/26", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ-L", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/25", "Certificate Number": "25", "Vendor Name": "SafeNet, Inc.", "Module Name": "Cylink Link Encryptor NRZ-H", "Module Type": "Hardware", "Validation Date": "09/11/199812/04/200310/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp25.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/25", "detail_available": true, "module_name": "Cylink Link Encryptor NRZ-H", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/24", "Certificate Number": "24", "Vendor Name": "V-ONE Corporation, Inc.", "Module Name": "SmartPass Virtual Cryptographic Authentication Token (VCAT)", "Module Type": "Software", "Validation Date": "09/11/199806/18/2003", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp24.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/24", "detail_available": true, "module_name": "SmartPass Virtual Cryptographic Authentication Token (VCAT)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Software", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/23", "Certificate Number": "23", "Vendor Name": "GTE Internetworking", "Module Name": "SafeKeyper™ Signer", "Module Type": "Hardware", "Validation Date": "09/11/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp23.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/23", "detail_available": true, "module_name": "SafeKeyper™ Signer", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When initialized to DSA", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/22", "Certificate Number": "22", "Vendor Name": "SPYRUS, Inc.", "Module Name": "LYNKS Metering Device (LMD)", "Module Type": "Hardware", "Validation Date": "08/13/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp22.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/22", "detail_available": true, "module_name": "LYNKS Metering Device (LMD)", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/21", "Certificate Number": "21", "Vendor Name": "nCipher Corporation Ltd.", "Module Name": "nFast\nnF75KM 00, nF150KM 00, and nF300KM 00 Cryptographic Accelerators", "Module Type": "Hardware", "Validation Date": "08/13/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp21.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/21", "detail_available": true, "module_name": "nFast nF75KM 00, nF150KM 00, and nF300KM 00 Cryptographic Accelerators", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The firmware is used in the nFast series of devices and has been validated on the nFast nF75KM 00, nF150KM 00, and nF300KM 00 Cryptographic Accelerators." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/20", "Certificate Number": "20", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, v4.0", "Module Type": "Software", "Validation Date": "07/30/199807/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp20.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/20", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, v4.0", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/19", "Certificate Number": "19", "Vendor Name": "Dallas Semiconductor, Inc.", "Module Name": "DS1954 Cryptographic iButton™", "Module Type": "Hardware", "Validation Date": "06/29/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp19.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/19", "detail_available": true, "module_name": "DS1954 Cryptographic iButton™", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When using vendor-initialized SHA-1 in transaction group 1) (Note: This validation has been superseded by validation certificate #41, which meets an Overall Level 3", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/18", "Certificate Number": "18", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, v3.1", "Module Type": "Software", "Validation Date": "05/11/199807/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp18.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/18", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, v3.1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/17", "Certificate Number": "17", "Vendor Name": "GTE Internetworking", "Module Name": "SafeKeyper™ Signer", "Module Type": "Hardware", "Validation Date": "05/11/1998", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp17.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/17", "detail_available": true, "module_name": "SafeKeyper™ Signer", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 3, "caveat": "When initialized to DSA.) (Note: This module has been superseded by Certificate #23", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/16", "Certificate Number": "16", "Vendor Name": "Transcrypt International", "Module Name": "SC20-DES", "Module Type": "Hardware", "Validation Date": "04/15/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp16.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/16", "detail_available": true, "module_name": "SC20-DES", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Single-chip", "description": "Encryption module for land mobile radios." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/15", "Certificate Number": "15", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO XTS 3000 Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "01/30/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp15.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/15", "detail_available": true, "module_name": "ASTRO XTS 3000 Subscriber Encryption Module", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selecting the DES algorithm and setting OTAR to inhibited", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASTRO XTS 3000 radio provides portable analog and digital two-radio communications in trunked and conventional radio systems. It is capable of supporting 12.5 kHz digital channels as well as 25 kHz and 30 kHz analog channels. The ASTRO XTS 3000 Subscriber Encryption Module Controller is available as an option for the ASTRO XTS 3000 radios to provide secure communication capabilities." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/14", "Certificate Number": "14", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "01/30/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp14.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/14", "detail_available": true, "module_name": "ASTRO Subscriber Encryption Module", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selecting the DES algorithm and setting OTAR to inhibited", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASTRO Saber radio provides portable analog and digital two-radio communications in trunked and conventional radio systems. The ASTRO Spectra radio provides analog and digital two-radio communications in trunked and conventional mobile radio systems. They are each capable of supporting 12.5 kHz digital channels as well as 25 kHz and 30 kHz analog channels." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/13", "Certificate Number": "13", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO-TAC Digital Interface Unit (DIU) Encryption Module Controller (EMC)", "Module Type": "Hardware", "Validation Date": "01/30/1998", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp13.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/13", "detail_available": true, "module_name": "ASTRO-TAC Digital Interface Unit (DIU) Encryption Module Controller (EMC)", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The ASTRO DIU provides an interface between an analog console and an ASTRO base station or ASTRO-TAC comparator for ASTRO clear and analog two-way radio communications. The DIU EMC is available as an option with ASTRO DIUs to provide encryption capability. The DIU will then support ASTRO encrypted two-way radio communications." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/12", "Certificate Number": "12", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet/Dial Secure Modem", "Module Type": "Hardware", "Validation Date": "12/08/199710/18/2004", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp12.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/12", "detail_available": true, "module_name": "SafeNet/Dial Secure Modem", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 2, "caveat": "When operated in 'user with authentication' mode", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/11", "Certificate Number": "11", "Vendor Name": "Motorola, Inc.", "Module Name": "Radio Network Controller Encryption Module Controller (RNC EMC)", "Module Type": "Hardware", "Validation Date": "11/12/1997", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp11.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/11", "detail_available": true, "module_name": "Radio Network Controller Encryption Module Controller (RNC EMC)", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "When operated in FIPS mode by selection of the DES algorithm", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "The RNC 3000 provides data communications between mobile data and host applications in an ASTRO integrated voice and data system. The RNC Encryption Module Controller provides data encryption services for the RNC 3000." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/10", "Certificate Number": "10", "Vendor Name": "SafeNet, Inc.", "Module Name": "Turbo Crypto Card (TCC), v09", "Module Type": "Hardware", "Validation Date": "11/12/199710/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp10.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/10", "detail_available": true, "module_name": "Turbo Crypto Card (TCC), v09", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "Turbo Crypto Card is used in a variety of Cylink's host encryption products, including the Secure Frame Unit (SFU) and the Secure Domain Unit (SDU)." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/9", "Certificate Number": "9", "Vendor Name": "SafeNet, Inc.", "Module Name": "SafeNet/LAN VPN Encryptor", "Module Type": "Hardware", "Validation Date": "11/12/199710/18/2004", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp9.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/9", "detail_available": true, "module_name": "SafeNet/LAN VPN Encryptor", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/8", "Certificate Number": "8", "Vendor Name": "SafeNet, Inc.", "Module Name": "Luna 1 PCMCIA Token", "Module Type": "Hardware", "Validation Date": "10/29/199710/18/2004", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp8.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/8", "detail_available": true, "module_name": "Luna 1 PCMCIA Token", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode for encryption, decryption, and random number generation", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "Chrysalis' Luna 1 is a PC Card that is used to provide generation and storage of symmetric and asymmetric keys, storage of Certificates, and random number generation. It can support up to 15 different users." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/7", "Certificate Number": "7", "Vendor Name": "Netscape Communications Corporation", "Module Name": "Netscape Security Module 1", "Module Type": "Software", "Validation Date": "08/29/1997", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp7.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/7", "detail_available": true, "module_name": "Netscape Security Module 1", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "When operated in FIPS mode for secure e-mail, certificate management, password management and met when correctly implementing the tamper evident mechanism specified in the security policy.", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "Security module used in various Netscape products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/6", "Certificate Number": "6", "Vendor Name": "Mykotronx, Inc.", "Module Name": "Palladium Fortezza Crypto Card", "Module Type": "Hardware", "Validation Date": "06/11/1997", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp6.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/6", "detail_available": true, "module_name": "Palladium Fortezza Crypto Card", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/5", "Certificate Number": "5", "Vendor Name": "SPYRUS, Inc.", "Module Name": "FORTEZZA Crypto Card, v0.2", "Module Type": "Hardware", "Validation Date": "02/07/1997", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp5.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/5", "detail_available": true, "module_name": "FORTEZZA Crypto Card, v0.2", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone", "description": "SPYRUS's FORTEZZA is a PC Card that is used to provide cryptographic services." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4", "Certificate Number": "4", "Vendor Name": "National Semiconductor Corporation", "Module Name": "Fortezza PCMCIA Encryption Module", "Module Type": "Hardware", "Validation Date": "10/24/1996", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4", "detail_available": true, "module_name": "Fortezza PCMCIA Encryption Module", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 2, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip standalone" }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3", "Certificate Number": "3", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, V2.4", "Module Type": "Software", "Validation Date": "09/17/199607/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, V2.4", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "When operated in FIPS mode. For use with PCs", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust family of products." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2", "Certificate Number": "2", "Vendor Name": "Motorola, Inc.", "Module Name": "ASTRO Subscriber Encryption Module", "Module Type": "Hardware", "Validation Date": "01/19/1996", "Status": "Revoked", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2", "detail_available": true, "module_name": "ASTRO Subscriber Encryption Module", "standard": "FIPS 140-1", "status": "Revoked", "overall_level": 1, "caveat": "None", "module_type": "Hardware", "embodiment": "Multi-chip embedded", "description": "This module is used in the ASTRO Radio Product Family." }, { "Certificate Number_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1", "Certificate Number": "1", "Vendor Name": "Entrust, Inc.", "Module Name": "Entrust Cryptographic Kernel, V1.9", "Module Type": "Software", "Validation Date": "10/12/199507/18/200205/28/2014", "Status": "Historical", "security_policy_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1.pdf", "certificate_detail_url": "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1", "detail_available": true, "module_name": "Entrust Cryptographic Kernel, V1.9", "standard": "FIPS 140-1", "status": "Historical", "overall_level": 1, "caveat": "For use with PCs", "module_type": "Software", "embodiment": "Multi-chip standalone", "description": "This module is used in the Entrust family of products." } ] }